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Protect Your Computer As You Protect Your Business 
The SpoolKick Procedure = Sockets Programming 
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GALAXY 1100 


PORTABLE 


HIGH-PERFORMANCE UNIX WORKSTATION 


The Galaxy 1100 


C souilax applications demand sophisticated tools. Whether it be software development and 
demonstration, network administration, or other mobile HP-UX computing requirements, SAIC’s 
Galaxy 1100 portable workstation does the job. Galaxy delivers critical information to the 
commercial, industrial, and military user with the performance and reliability of the HP PA-RISC 
processor. 

Fully software compatible with the HP 9000/700 workstation series, this powerful and portable 
workstation offers superb graphics capability. Its 10.4-inch, full-color active matrix LCD renders 
images at a resolution of 1024 x 768. With minimum processing power of 79 SPECfp92 and 122 
SPECint92, the Galaxy is equipped to handle even the most demanding computations. 


Key Features 


¢ 80 MHz HP 712 PA-RISC CPU ¢ 10.4-inch color active matrix LCD 
¢ 32 MB of RAM expandable to 128 MB e 2 integral PCMCIA slots 
with error detection/correction capability e IEEE 802.3 Ethernet interface 


e 2 GB hard drive 
¢ 3.5-inch 1.44 MB floppy drive 


SCSI-2 interface 
POSIX-based HP-UX operating system 
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Science Applications International Corporation 

10770 Wateridge Circle, San Diego, CA 92121 

Tel 619-552-5334 or 1-800-447-4373 Fax 619-552-5253 
http://www.saic.com/it/stp/galaxy/index.htm! 
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An Employee-Owned Company 
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_ The only difference 
is the money you save. 


ith 17 years of knowledgeable experience monitors, memory and interfaces, as well as 


and reliable service, Monterey Bay Commu- ==" ———_ a variety of printers. 
nications is a leader in Hewlett-Packard workstation  ~ All equipment is warranteed and eligible for 
remarketing. We’re professionals at pro- Hewlett-Packard maintenance. An 
viding HP 1000 and 9000 users with extensive parts and spares inventory 
reliable equipment that is functionally — . | and knowledgeable staff ensure 
and cosmetically identical to what HP Support / Tech Expertise prompt service and immediate 
offers — and at substantial cost savings. sorted delivery. 

- Maintenance Eligibility 4.4 , 
In addition to the 700 / 400 / 300 / 200 Substantial Cost Savings For more detailed information or 
series, Monterey Bay Communications Simple Order Processing a price quotation, give MBC a call at 
also offers mass storage systems, lence i 408/429-6144. 
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Data Movement Solved! 


és 


‘Lhanks,Warehouse. 


Warehouse does two things. Move and manipulate data. 
Almost anywhere. No programming needed. 

If you need to cross HP, UNIX or VAX platforms. Or 
move between Image, Oracle, DBMS and other databases 
or applications. No problem. If you need to migrate legacy 
data across the network straight into relational databases. 
Done. It arrives as native data. 

Data warehousing is just as easy. In minutes, you can 
archive and retrieve selected data from any media. Make 


test and decision support databases. Think of the 
advantages. No downtime. No big intermediate flat files. 
And total platform transparency. 

Hundreds of companies depend on Warehouse. And 
Taurus is a certified “HP User Reference” company as well 
as a participant in the “Oracle Business Alliance Program.” 
So if you move data, now there’s a real solution. 
Warehouse from Taurus. Call today for details. 

Because Warehouse moves data. 


1032 Elwell Court, Palo Alto, CA 94303 
Phone: 415-961-1323 x100 + Fax: 415-961-1454 +» E-mail: sales@taurus.com » Web: www.taurus.com 


CIRCLE 123 ON READER SERVICE CARD 


UN UST Volume 4, Number 6 November/December 1996 


Features 
Protect Your Computer as 
You Protect Your Business by John A. Pexzzano—_ 22 
The Spoolkick Procedure by Bill Hassell — 300 
Sockets Programming by Andrew J. Phillips 38 
Book Review: The Dilbert Principle by Chris Curtin 52 

page 38 

Departments 
Q&A 8 
CSL Perspective 64 
HP 1000 Guru 66 
New Products 74 

Columns 
HP-UX Systems Administration by Chris Curtin 16 
HP-UX by David L. Totsch 20 
Windows NT by Bob Combs 54 

‘ Internet Goodies by Joe Berry 56 
X-Watch by Larry Headlund 60 
HP-RT by Anita Harris 70 
New Products 
See page 74 


Cover Story: 
See page 22 


Hands-On Solutions for HP-UX Users 


~ Lose your mouse and 
increase your productivi 


From Wall Street to Silicon Valley, your top competitors have replaced 
hundreds of free mice that came with their workstations with $199 
MOUSE-TRAK™ trackballs. The reason: productivity and reliability. 


Productivity: Laboratory testing has shown Reliability; MOUSE-TRAK’s rugged construction 
that only 4 hours of continuous mouse usage results in much higher reliability than mice 
can result in as much as 60% loss of hand or consumer trackballs. MOUSE-TRAK doesn’t 
strength. A trader, engineer, or data entry user _ take traders out of play or make support 

in that condition is simply not going to be as people pull their hair out! 


productive in the second half of the day as in 
the first. The same tests show no signs of 
physical fatigue when using a MOUSE-TRAK. 


Call, Fax, or email today to order or receive 
more information about MOUSE-TRAK. 


1-800-533-4822 
sales @ moustrak.com 
http://www.mousetrak.com 


The Professional’s Trackball 


international MOUSE-TRAK dealers: UU NTWare Ltd. Tel: 0865 784990 SunExpress Tel: 0800 89 88 88 * PHASELYS ‘el: 1 43 94 42 42 RISC TECHNOLOGY 
EUROPE Tel: 01 41 85 10 20 SunExpress Tel: 05 90 6157 ¢ Germany The Chameleon Group Tel: ()211-379057 SunExpress Tel: 01 30 81 61 91 * Switzeranc Datacomp 
Tel: 01-740 51 40 SunExpress Tel: 155 19 26 * Denmark DeSeCAM Tel: 48 24 12 04 ¢ | SunExpress Tel: 06.022 34 45 © Canada Guillevin Tel: 416 670 8433 © 
» Hypec Electronics Tel: (02) 808 3666 « en SPECMA Tel: 031 89 16 00 SunExpress Teh, 020 795 726 * Korea Aurora Systems, Inc. Tel: 718-4985 © 
vol Seg Tec ‘Tel: 972 3 556 7458 » Japan SunExpress Tel: 0120-33-9096 MOUSE-TRAK is mandfactured in the U.S.A. by ITAC Systems, Inc., 3113 Benton 
Street, Garland, Texas 75042 Fax: 214/: 494-4159 Patented by ITAC Systems, Inc. MOUSE-TRAK is a registered trademark of ITAC Systems, Inc. Other brand 
and product names are trademarks of their respective holders. 
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and how to|\cover it. 


orporations protect their people with 
comprehensive health insurance. 
They protect their buildings and 
capital equipment with catastrophic 
insurance. But what about 
the asset that many 
professionals feel is 
their most valuable? 
Data. 


We are Concorde 
Technologies. And our 
network backup solutions are really data insurang Be conconne 
Case in point? Our 2/10 DLT® Tape Systems. Pe 
for midrange applications, these high perforn 
200-gigabyte libraries house two DLT 4000 
and up to 10 DLT tapes. Their dual access 


heterogeneous 
optimizes system speed and delivers “lig 


work backup as no other 
HP Channel Partner does. We know 
 Eauean the right process, 


backup, even if a drive goes down. An intuit 
panel with a diagnostic display gives you the status of 


all important library operations, instantly. And because < =products and service. 
you can connect up to nine 2/10’s together where all carn We know how to analyze 


drives can access all tapes, Concorde Technologies your requirements and 


gives you a solution that meets your needs today — design the optimal solutions. And we know 

and tomorrow. how to install, train and support the system. 
Bottom line, we give you an edge that goes beyond In short, when it comes to your company’s data, 
any specific boxes we sell. That edge is knowledge. your asset is covered with Concorde Technologies. 


Solutions the box. 


beyond 


-00-359-0282 + (619) 536-5500 * Fax (619) 566-4396 


CONCO RDE email: sales@concordetech.com 


. TECHNOLOGIES URL: http://www.concordetech.com 


© 1996 Concorde Technologies, Inc. Concorde Technologies is a registered trademark of Concorde Technologies, Inc. 
DLT is a registered trademark of Quantum Corporation. All other names are trademarks or registered trademarks of their respective companies. 


CIRCLE 28 ON READER SERVICE CARD 


me p-ux/usr = november 1996 


Question & Answer 


Qi? I have a new optical autochanger and with so many surfaces, it looks like a 
sysadmin nightmare. Do you have any tips on how to manage these devices, espe- 
cially creating device files and formatting? 


AX: A typical 40-GB changer will have 32 discs or 64 separate surfaces, which 
means 64 separate file systems. For operating systems 9.xx and earlier (that sup- 
port the autochanger), the virtual mount capability allows many or all of the plat- 
ters to be mounted at the same time. Access to a given platter is simply by reference 
to the mount point or files/directories within the mount point. 

At 10.xx, this capability has been removed and only platters that have an available 
drive can be mounted. An alternative to this change in support is to use HP 
OmniStorage, which will manage disc surfaces in a more transparent manner. 

When first installing the autochanger, the two drivers autoch and autox0 must be 
gen’ed into the kernel. Once done, attaching the autochanger to the system and 
rebooting will cause insf (800 Series) to install the device files for the first 16 plat- 
ters. To install the rest of the device files for all platforms, use SAM: select the Disks, 
File Systems, then Magneto-Optical and choose the top menu Actions selection to 
add the additional device files. 

When initializing a large number of platters at the same time, you can speed up 
the process by taking advantage of autochangers that have more than one drive. 
The two scripts (odd and even platters, Listing 1) can be run at the same time on a 
changer with two drives. Both drives will have a disc installed automatically and the 
formatting will proceed simultaneously. If you have an autochanger with four drives, 
you can replicate the scripts and adjust each script to run a different platter at the 
same time. 

Be careful when you do a lot of operations on several discs at the same time. 
Autochanger thrashing will occur if you try to format both sides of a disc at the 
same time. By doing all batch operations from a script, you can control which disc 
is being formatted or new/s'ed. The parameters in Listing 1 for newfs are: 


newfs -L -n -m 0 -i 8192 <device_ file> <disktab_entry> 


where: -L = use long filenames (255 chars vs. 14 chars) 
mn = do not reserve a boot area at beginning 
-mQ =minfree =0 
48192 =bytes per inode 


Most HP-UX installations will need long file names—very little space is consumed 
with this option. -n will save some megs since the optical discs will most likely not be 
bootable discs. 

For autochanger platters, using minfree = 0 is generally OK since the platters 
would never be used for critical file systems such as /usr. Minfree reserves 10 percent 
of the disc (by default) so that after a disc mount point is full, 10 percent more will 
be available for root, ideally to log in and fix the full file system. 

Continued on Page 10 


Quick: Name the RAID system picked #1 
by PC Magazine, BYTE and LAN Magazine. 


™ 


When industry’s toughest independent critics put RAID subsystems to the test, they 

came to a unanimous conclusion. StorageWorks™ RAID subsystems from Digital™ 
«#7, delivered outstanding availability, reliability, and economy- plus industry-leading 
* performance. All designed as scalable solutions for today’s multivendor PC and 
siorageworts” UNIX networks, to protect your investment from desktop to datacenter. 


Solution 


“eae To find out more about Digital StorageWorks RAID solutions, call 
Workstation Technologies at (800) 663-1966. : 
orkstation Technologies at (800) Zs Wotssation 
Technologies, Inc. 
=e 


“Solutions for Your Open Systems Computing Environment” 


Digital, the Digital logo, StorageWorks and the StorageWorks logo are trademarks of 1-800-663-1966 


Digital Equipment Corporation. Other trademarks are property of their respective holders. Outside the US: 603-890-6700 
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question &@ answer 


In the two scripts, you will see reference to ~ 8192, which 
controls the amount of data associated with an inode. 
Decreasing this value (minimum is 1024) will increase the 
number of inodes, while increasing this number will decrease 
the inode count. In both cases, the amount of free space for 
data files will change with the inode size; larger -i parameters 
will result in more free space (see Table 1). 


The basic command is: newfs -L -n -m 0 
Add the parameter -i #### based on the table below: 


Disktab 
Model 


Bytes avail Inodes Avail 


per surface 


Bytes per 
inode: per surface 
hpS6300.650A -i 1024 278. 
hpS6300.650A -i 2048 295. 
hpS6300.650A -1i 4096 303. 
hpS6300.650A -i 8192 308. 
hpS6300.650A -i 16384 B10: 
hpS6300.650A -i 32768 S12. 


266,108 
142,780 
74,492 
37,244 
18,620 
6,204 


megs 
megs 
megs 
megs 
megs 


megs 


Ci/16T 2x 
Ci /16T 2x 


i 1024 564. 
i 2048 598. 


543,804 
291,644 
151,548 
75,412 
37,884 
18,940 


megs 
megs 
megs 
CLUIGT 2x 
C1716T_2x% 
C1716T_2x 


i 8192 626. 
i 16384 631.0 megs 
L 32768 633. 


megs 


0 
0 
C1/16T 2x 0 i 4096 616. 
0 
0 
0 


megs 


To get 308 megs per surface on a 1X (600-meg platter), 
The above table is for 1024- 
sectored discs. The available bytes will be slightly 
Note the tradeoff 
between the number of inodes (essentially the same as 


use a -i value of 8192. 
lower for 512 sectored discs. 


files) and capacity. 


The autochanger is an ideal CD-ROM server, especially for 
something like LaserROM or Application or Core CDs. By 
copying the entire CD-ROM to a surface (always use 1.2-GB 
media with 600 MB per side), you can share the discs on a 
network. For install/update, the usage is quite low and the 
chance that two or more users will require both sides of the 
same platter will be relatively low. 
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ib Platter Initialization 


First script (odd platters) 


#! /bin/ksh 
# Format odd numbered platters (slots), side A then side B 
# 
for PIATTER in | 35 79 11 13 15 17 19 
do 
for SURFACE in a b 
do 
echo Initializing Platter SPLATTER, Surface $SURFACE 
newis -—L no -—m 0 -1 8192 \ 
/dev/rac/c0d$ { PLATTER}${SURFACE}s2 C1716T 2x 
done 


done 


Second script (even platters) 


#! /bin/ksh 
# Format even numbered platters (slots), side A then side B 
# 
for PLATTER in 2 4 6 8 10 12 14 16 18 20 
do 
for SURFACE in a b 
do 
echo Initializing Platter SPLATTER, Surface $SURFACE 
newfs -L -n -m0Q -i 8192 \ 
/dev/rac/cOd$ {PLATTER}${SURFACE}s2 C1716T_2x 
done 


done 


QQ: How can I automate ftp to push/pull files from remote 
systems? 


#5 Here’s an example of a batch job set up asa script. The 
use of the construct <<EOD is known as a ‘here’ document, 
which acts as if ftp were receiving the commands from stdin. 
The nifty part is that items within the <<EOD until the line 
EOD will be expanded by the shell so that parameters and ENV 
variables can be used. The special word EOD can be anything 
(such as <<EnDol*mYdOc or <<DONE) as long as the string does 
not appear in the enclosed text. 


#!/bin/sh 


ftp to the remote system... 
$1 is the remote machine 
$2 is the logon 
$3 is the password 
$4 is the command (i.e., get or put) 
$5 is the source 


$6 is the destination 


+ FF HE HE HEHEHE HEHE 


/usr/bin/ftp -v -n >> /tmp/batchftp.log 2>> 
/tmp/batchftp.err <<EOD 

open $1 

user $2 $3 

$4 $5 $6 

quit 
EOD 


exit 


This is a template, since you may wish to perform addi- 
tional steps such as chmod or chown, or even create additional 
directories. You may wish to add ~ (to turn off the prompt for 
multi-file tasks like mput). The results of the ftp task are sent 
to two files for logging: stdout will have the commands and 
responses while stderr will have error messages. 


QQ: I’ve messed up my I/O configuration on a Series 800 
computer. How can I reset the configuration file? 


A#X= The file /etc/ioconfig contains a description of the I/O 
devices and associated drivers. When it becomes corrupted, 
rmsfand insfmay not operate correctly. If cori cannot rebuild 
/etc/ioconfig, it may be necessary to replace /etc/ioconfig with 
the ‘empty’ version. There are two methods: 


1. An empty copy is stored in /etc/newconfig. Simply copy 
this file to /etc as in: 


cp /etc/newconfig/ioconfig /etc 


2. Create an empty file using the vi editor: 
(be sure that vi works correctly for the terminal being used) 


mv /etc/ioconfig /etc/ioconfig.old 


vi /etc/ioconfig 


Type the following chars: i!”I0*v*Desc 

i means insert new characters 

!”"IO_ is the empty ioconfig requirement 

“v means press CTRL and V at the same time 
“D means press CTRL and D at the same time 
esc means press the ESCAPE key 

then save the file with: wa! 

Now the computer can be rebooted with shutdown -r 0 
or reboot -qand the zocon/jig file will be recreated. Note that 
device files will not be affected by this task so it is probably a 
good idea to do this task in single-user mode. 


where: 


After the reboot starts, interrupt the boot process and go 
into single-user mode to make sure the device files still match 
the hardware addresses. If not, you can delete the device files 
using rmsf -H (don’t worry about active disks—the device files 
can be removed and added on a running system). Then you 
can add the device files back again using insf -H, and to 
force a specific naming convention (i.e., Logical Unit or LU 
number), use the -/ option. Note that existing LVM disks must 
keep the same device file names. These names are hardcoded 
into several config files and cannot be changed easily. 


QQ: I have a 735 running HP-UX 10.01. I’ve noticed lately 
that my application transactions have been taking longer. How 
do I start to analyze the problem? 


AX: Performance analysis is a very complex process. It is a ser- 
vice that HP offers on a consulting basis. The important thing 
to remember is that performance is very relative. There are very 
seldom definite thresholds to go by. Also, what one user finds 
acceptable performance another may not. Since the perfor- 
mance statistics are relative, the best thing for you to do is 
gather data when the system is performing well. As a result, you 
will have a “standard” for comparison. 

There are three bottlenecks on a system: disk, CPU, and 
memory. Let’s first discuss the tools that are available with the 
core operating system. vmstat(I) is a quick way of getting an 
overall picture of performance on the system. It shows such 
things as CPU activity, paging, and disk activity. It is executed 
on an interval and iteration basis. The following command 
will report statistics at 5-second intervals for a count of 10. 

Continued on Page 12 
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question © answer 


# vmstat 5 10 


sar(1) is new to the 700s at 10.x. It 
also is run with parameters represent- 
ing interval in seconds and the number 
of iterations. sar(1) is a bit more robust 
than vmstat(1). It has many different 
options that show such data as buffer 
activity and system call use. Another 
handy aspect of sar(J) is that it shows 
the size of the kernel process table and 
kernel file table. Please refer to the man 
page for sar(1) for more information. 

Some other tools that are available 
are top(1), uptime(1), vostat(1), and ps(1). 

There are also some tools that can 
be purchased as separate applications. 
The most popular is Glance. It is an 
extremely useful tool. Glance has the 
advantage of reporting a great deal of 
per process information. top(1) is the 
only tool that also reports per process, 
but it is much less verbose. 

Now, let’s discuss the bottlenecks. 


CPU 

The symptoms of this bottleneck are 
usually high CPU utilization and a high 
run queue. umstat(1) and sar(1) are good 
tools to use to check those values. 
Utilization of 100 percent alone does not 
mean you have a bottleneck. That simply 
means you are fully utilizing the resource. 
However, the run queue shows runnable 
processes that are waiting. The accept- 
able number of waiting processes is one 
of those relative values discussed earlier. 

What can you do besides purchase a 
more powerful CPU? If this problem 
has come about suddenly, you might try 
to look for a single process that is hog- 
ging the CPU. You can do this with top(1) 
or ps(1). Find out from the appropriate 
support resource if this is “normal.” If 
you have a process that you know will 
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be CPU intensive, you might try adjusting its system nice value. See the man page for 
nice(I) or renice(1). This value comes into play when the process scheduler is recal- 
culating process priority. It will make more of a difference for a short-running 
process. Another thing you can do is better organize the run schedule of CPU- 
intensive processes. If possible, delay some to less heavy times of the day with the use 
of cron(1). 


Disk 

The symptom of this bottleneck is high disk activity. Often times you will also 
see low CPU utilization as processes are having to wait for I/O transactions to be com- 
pleted. Again, you must have benchmark data for comparison. You can use iostai(1), 
sar(I), and vmstat(1) to check out your disk activity. 

Your single most important goal is to spread the I/O contention evenly among 
your disk drives. Remember to include swap areas in the equation as well as your data 
areas. If some of your data areas are on file systems, you may want to talk to your 
vendor about file system parameters such as block size. 


Memory 

Most often a memory bottleneck will mask itself as a CPU bottleneck or a disk 
bottleneck. If processes don’t have enough memory, the system will start to page. The 
paging daemon vhand will use CPU to do its work, and I/O to disk is going to increase 
as the pages are transferred to the swap areas. This is why it is very important to con- 
sider your swap configuration thoughtfully. vmstat(1) reports paging information. 

The first thing to consider is the size of your buffer cache. At 10.x, the buffer 
cache can be a static size or vary between a configurable minimum and maximum. 
If you reduce the size of your buffer cache, you will have more memory for run- 
ning processes, but your file system I/O might suffer. Another option is to find the 
memory hog process and “help” it finish faster. Again, you can use the system nice 
value, but this time you will make it less “nice” to the rest of the system. Another idea 
is to call your application vendor and inquire about application parameters that 
would affect memory utilization. 


QQ: We are using a new application on our 712 workstation running HP-UX 9.05. 
We are receiving the following error from time to time: 


PID XXX was killed due to stack growth failure. 
Possible causes: insufficient memory or swap space, or stack size 


exceeded maxssiz. 


£5 The process either is running out of total swap or is exceeding the size of the 
process stack. The size of this stack is determined by the configurable kernel para- 
meter maxssiz. This is a per process value. Its default value is 8 MB. 
First, let’s talk about the output from swapin/o. 
Continued on Page 14 


The BEST Products 
The BEST Performance 
The BEST Warranty 
The BEST Value 


Backup Programs Optical Disk Drives 
for UNIX and Novell = Rewritable, Write Once, 


= Omniback and Omniback- and CD-Recordable 
Turbo, Hi-Back, Networker, ... 
ARCserve, Budtool, DATtool, 
OpenVbackup, and others 
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Tape Library Autochangers 
= HP 4mm DAT, Exabyte 8mm, 
3480, QIC, DLT, S-VHS, and 

AMPEX DST 19mm drives 
= Up to 600 cartridges 
per changer 


Optical Disk Autochangers 
m 3-1/2", 5-1/4" and CD (Up to 
144 cartridges per changer) 


Autoreply 

= Allows any backup program 
to control Autochangers (TAR, 
CPIO, DUMP, FBackup, etc.) 


Custom Device Drivers 
« For HP 1000 and 9000 


Disk Drives and Towers Custom Programming 


Quadrajet : : ; 
= Fixed or removable drives = Consulting and 
e pees rien ane . = Fast and Fast-Wide options Programming Services 
and capacity « HP disk mechanisms with Robotic Control Software 
= Automatic tape mirroring 9-year warranties = With API, Interactive, 
UNISTORE® Memory Expansion and GUI interfaces 
= Unattended backup and = For HP 1000, 3000 and 9000 Call with your requirements! 
Hierarchal Storage RAMdisk 
Management (HSM) for = For HP 1000 and 9000 
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servicing your HP system.” AUTOMATION 
Rick Walsh 7414 Manatee Street 
CEO Sarasota, FL 34243-1824 U.S.A. 


Phone: 1-941-358-2001 © Fax: 1-941-358-2010 


question © answer 


# swapinfo -tm 


Mb Mb Mb PCT START/ Mb 
TYPE AVAIL USED FREE USED LIMIT RESERVE PRI NAME 
dev 48 4 44 8% 0 - 1 /dev/vg00/l1vol2 
dev 36 4 32 11% 0 - 1 /dev/vg00/1vol3 
reserve - 25 -25 
memory 17 11 6 65% 
total 101 44 57 44% = oO - 


The -t option is important as it produces a total line. This totals the amount 
of swap actually in use and the amount in reserve. (Processes will reserve swap 
when they start and if necessary as they continue to execute. The swap is not 
in use, but it is held for that process.) 

As the problem process runs, watch the total PCT USED value. If it nears 
100 percent, you might have a system swap problem. In that case, you will 
need to add more swap or reduce the amount being used on the system. That 
would entail removing processes or reconfiguring them. 

If the total swap usage stays low, then you are likely running out of space for 
the process stack. This parameter can be increased via SAM or manually. Either 
way, it will necessitate a reboot of the machine. This will not cause processes 
to use more space for the stack; it will only allow them to do so. However, the 
default size is usually adequate. You might want to run this problem by your 
application support to ensure that improper execution flow is not the fault. 


Qi:= I'm having a problem sending network mail from windows within VUE. 
Every time I type the “@” symbol, it deletes my address line. 


4%: The problem is that the kill or delete-line character is set to “@”. Add the 
following line to SHOME/.vue/sessions/current/vue. resources: 


*ttyModes: erase “H intr *C kill “U start “Q stop *S swtch *@ susp *Z 


Or, from the Toolbox on the front panel: Toolbox->General- 
>System_Admin->EditResources. That will put you in an editor. Add the 
previously mentioned line to the file, save it, and exit the editor. You must 
log out and back into VUE for it to take effect. 


QQ: | have a user bob who is a member of the group prod. I have the following 
executable on the system. 


-rwxr-x-- 1 jan prod2 16384 Aug 9 17:16 trans 


bob cannot run this executable. Why not? 
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X= By default, a user only has the group privi- 
leges associated with his/her primary group. The 
primary group of a user is named in the user’s 
entry in /etc/passwd. You can check out the cur- 
rent group privileges with the zd(J) command. 


# id 
uid=270 (bob) gid=120(prod1) 


It is possible to change the primary group 
affiliation with the newgrp(1) command. 
However, an alternative is to create a file called 
etc/logingroup. You can refer to the group(4) man 
page. Usually, this file is a link to /etc/group, but 
it can be a separate file with the same data for- 
mat as /etc/group. This file is used to define a 
default group access list for each user. It essen- 
tially gives a user privileges for his primary group 
and secondary groups at the same time. The 
list is built at login, so users will have to log back 
into the system to be affected by modifications. 


# In -s /etc/group /etc/logingroup 
(user bob logs back in) 


# id 
uid=270(bob) gid=120(prod1) groups=121 (prod2) 


Xz I have added a third-party networking appli- 
cation to my 712 running HP-UX 10.10. Now I 
am unable to generate a new kernel. The fol- 
lowing message is displayed: 


# mk_kernel -s system 

Compiling conf.c... 

Loading the kernel... 
/usr/ccs/bin/1ld: Unsatisfied symbols: 


Why is this happening? ‘ 
AX&= This can be a common occurrence when 


adding software that involves the kernel. The 
problem is that routines are being referenced 


from object modules that are not being 
satisfied by the libraries in the link state- 
ment. One of two things has likely hap- 
pened. Either the application libraries 
were not loaded correctly on the system 
or the libraries were not added to the 
make file properly due to problems with 
the tables in /usr/conf/master.d. This file, 
among other things, associates drivers 
with the appropriate libraries contain- 
ing the driver object code. 

First, make sure that you don’t have 
a problem with the operating system 
itself. Edit /stand/build/system and tem- 
porarily remove any lines that refer to 
the application. Make sure you can build 
a kernel from this system file. 


# mk_kernel -s system 


If the kernel is generated successful- 
ly, you have a problem that is specific to 
the addition of the application software. 
Contact your application support rep- 
resentative. tl 


General HP-UX questions are answered by 
Bill Hassell, a support engineer at the HP 
Atlanta Response Center. He can be contacted 
via e-mail at blh@hpuerca.atl.hp.com. 
Workstation questions are answered by Susan 
Potter, an HP-UX system support engineer 
in the Atlanta Response Center. Her e-mail 
address is sup@atl. hp.com. 


QUALITY HP 
WORKSTATIONS - 
WITHOUT THE HP PRICE 


RENT - LEASE - BUY 


Immediate Delivery On Most Items 


¢ 700 SERIES: Models 710, 715/50, 715/75, 715/100, 
735, 735/125, 712/60, 712/80, 745i 


¢ XSTATIONS: ENVIZEX, C270X 
e All 300, 400T and 400E Series 


« Memory, Features & Disc Upgrades for 
all Workstations 


¢ CPU Upgrades: 715/50, 715/75, 735, 735/125, 
425, 380, 360 


More Than 1500 Satisfied Customers 
Throughout The USA and Worldwide 


For technical info, specs or pricing 
call Mordy or Carol 


C.S.U. Industries, Inc. 
207 Rockaway Turnpike, Lawrence, NY 11559 
(516) 239-4310 FAX (516) 239-8374 
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Aliases, Baud 
Rates, and 
More 
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-UX System Administration 


THIS MONTH I AM GOING to cover 
several small topics, all of which are 
important, but not sufficiently in-depth 
detailed enough to warrant a whole 
column. 


Sendmail Aliases 

In the September 1996 column I 
reviewed the sendmail ‘Bat’ book and 
gave an introduction to sendmail and 
its configuration. One area I did not 
touch on was aliasing. In sendmail, and 
most e-mail systems, an alias is used to 
send a message to one or more people, 
or to send one user’s mail to another, 
without the sender knowing it. 

There are several uses for sendmail 
aliases: 


1. Forwarding root, uucp, adm, etc. 
e-mail to the “real” system ad- 
ministrator. 

2. Creating a single alias for the entire 
company, department, or group for 
internal use. 

3. Creating a single alias for the entire 
company, department, or group for 
external use. 

4. Forwarding e-mail for an employee 
who is on vacation or who has left 
the company to another employee 
so it can be handled properly. 

5. Defining multiple names for a user 
for external e-mail. 


The first use is probably the most 
obvious. Since you should not be log- 
ging in as root as your primary user, it 
may be hours, days, or even weeks 
before someone checks root’s mailbox. 
By aliasing root’s mail to another user, 
that user will receive the mail and be 
able to act on it immediately. 

The second use, setting up an alias 
for the company or a group, allows send- 


by Chris Curtin 


mail to keep in one place a list of who 
belongs to a group, instead of each user 
having to keep his own alias databases. 
I have defined several aliases for my 
company (no, these are not the real 
ones, so don’t try sending e-mail to them 
at bwilab3.atl.ga.us!): “all” for all 
employees, “sales_mkt” for the sales and 
marketing group, “techies” for the devel- 
opment staff, and “office” for the office 
staff. By using sendmail’s alias feature, 
when an employee, like our latest 
co-op, begins work, I modify the “all” 
and “techies” aliases and the new 
employee automatically begins receiv- 
ing e-mail sent to those groups. 

The third use, an external alias, is 
useful for your customers to send e-mail 
to your Sales, Human Resources, or 
Technical Support employees without 
having to know a specific person’s name. 

The fourth use is important if you 
have certain users who receive e-mail that 
must be responded to or acted upon, 
because the sender cannot wait for the 
person to return from vacation. Also if 
any employee leaves the company, it may 
take some time for your customer base 
to know their new contact. You don’t 
want to bounce their e-mail back. 

The fifth use was something I did not 
have to do until recently. We hired an 
employee who has been in the industry 
for a long time. He had used the same 
user name for years, just changed his 
domain. This way, when he said “I now 
work for Bradley Ward Systems, Inc.,” 
his contacts could send him e-mail at 
the same user name, but a different 
domain. Unfortunately, his long-time 
user name didn’t match the corporate 
naming standard (which is a very, very 
complicated system: the user’s first 
name!) (Yes we are that small, but not 
for much longer....) So I created an 


LOOKING FOR A FASTER WAY TO LOAD YOUR DATABASE? 


SyncSort UNIX can help you complete database loads, reorgs and reports in as little as half the time. 


SyncSort combines high-speed sorting, versatile data manipulation features and the ability to handle a 


variety of data and file types. The result is a powerful, flexible tool for $ mcsore 
| 


breaking database bottlenecks. To order SyncSort or for a free copy of our era 


; Tel (201) 930-8200 dept. BEHUS 
booklet, “Sorting and Relational Database Performance,” please call or fax. _ Fax (201) 930-8285 dept. BEHUS 


“ 
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alias on our mail server to accept his 
external name and map it to our 
internal name. 


Setting Up an Alias 

Setting up a sendmail alias is pretty 
easy: edit /usr/lib/aliases and add a line 
like the following: 


alias: destination 


where alias is the original address (such 
as root, or bob) and destination is the 
address the mail is to be forwarded to. 
The destination can be a comma- 
separated list of users. There can be only 
one alias in the file, but a user can 
appear in multiple destinations. 

If you don’t already have a 
/usr/lib/aliases file, copy the one in 
/etc/newconfig/aliases to /usr/lib/aliases. 

Once the aliases have been entered, 
save the file and run usr/lib/newaliases 
to tell sendmail about the aliases. 

The first thing about sendmail aliases 
you will note is that you must be root to 
edit the aliases file. So normal users can’t 
change aliases or add their own. 
However, every e-mail client/viewer I 
have seen has the ability to add user 
aliases that behave the same way as send- 
mail aliases. The nice thing about using 
sendmail aliases is that they are global, 
so changes are made in one place, not 
in every user’s personal aliases. 


Modem Baud Rates 

‘Two baud rates must be set when con- 
figuring a modem: the first is the rate 
between the modem and the calling/ 
called modem. The second is the rate 
between the modem and the serial port 
and getty on the server. One of the most 
frustrating, and easy to fix, problems 
when setting up a modem is that the 
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getty on the server is looking for the 
modem at one baud rate while the 
modem is talking to the getty at a dif 
ferent rate. 

The problem is caused by both sides 
“hunting” for the correct baud rate. 
Fixing the problem is easy if the modem 
is “intelligent” and almost impossible if 
not. By intelhgent | mean that the baud 
rate between the modem and the serial 
port can be locked at a specific value. 
Usually this is referred to as “Baud 
Adjust.” When Baud Adjust is enabled, 
the modem will try to detect the speed at 
which the serial port is communicating. 

Unfortunately in most UNIX systems, 
the getty is trying to do the same thing. 
Look at /etc/gettydefs. Without getting into 
the gory details of what the fields mean, 
look at the first item in a “paragraph.” 
It should be a number such as 1200, 
2400, or 9600. Then look at the last line 
in the paragraph. It should look like: 


#login: #2400 


The number might be different. 
What this line does is tell the getty the 
next baud rate to try if the current entry 
cannot successfully connect to the serial 
port. This is fine for ASCII terminals 
that are hardwired to the server and 
always communicate at the same rate, 
but a modem connected to the serial 
port cannot guarantee a valid connec- 
tion (or a specific speed each time). Or 
can it? 

As I said earlier, most intelligent 
modems can perform a function known 
as Baud Adjust. This feature is nice for 
PCs running non-UNIX OSs but can 
cause havoc on UNIX systems. Why? By 
default the getty wants to hunt for the 
correct baud rate. If the modem is doing 
the same thing, the two may never sync 


up. Think about it: The modem con- 
nects at 9600 and tries to connect to the 
getty. The last connection was at 2400 
so the getty is still set at 2400. Since the 
rates are different, the user sends a break 
to wake up the server. The getty now 
goes to 4800, but the break sent the 
modem to 1200. The cycle will continue 
until the modem or the getty is reset. 

So what to do? Lock down the baud 
rate of the connection between the 
modem and the getty. In /etc/gettydefs 
there is an entry for 19200 which auto- 
matically tries 19200 again when the 
getty receives a break. This way the getty 
is always at 19200. Edit /etc/inittab and 
change the baud rate at the end of your 
getty command to 19200. Execute a 
telinit, then kill the getty. 

Next change your modem’s config- 
uration. Turn off Baud Adjust (usually 
$BA) and force the Serial Port Baud 
Rate to 19200 (typically $SB19200). 
Note, your modem may use different 
commands, or have a different maxi- 
mum baud rate (older 2400’s did). If 
your modem’s maximum serial port 
baud rate is less than 19200, edit /etc/get- 
tydefs, copy the 19200 entry (all four lines 
PLUS the blank line) and change the 
19200 in all places to your maximum 
speed. Save the file and change your 
inittab file as described earlier. 

Now what you have is a connection 
from your server to your modem, which 
is always a fixed rate regardless of how 
fast or slow the modem calling your 
modem can communicate. 


Quickies 

Want to change the first thing users 
telnetting to your system see? Edit 
/etc/inetd.confand modify the telnet line 
as follows: instead of just /etc/telnetd 
telnetd, change it to /etc/telnetd telnetd -b 


FILE_NAME where FILE_NAME is the 
name of the message you want them to 
see. Reload inetd with the following com- 
mand: /etc/inetd -c. Then telnet in to see 
how it looks! 

Interested in public domain soft- 
ware for HP-UX? The Liverpool 
archives have a daily e-mail mailing 
list of the new or updated packages. 
Send e-mail to Majordomo@csc. liv.ac.uk 
and include “subscribe hpux-daily 
YOUR_E-MAIL_ADDRESS” in the 
body of the message. 

YOUR_E-MAIL_ADDRESS is the 
address to which the daily update is to 
be sent. 

In the May 1996 column I men- 
tioned a site that contained some HP- 
UX 10.X release notes and manuals 
online. I received several messages 
telling me that the URL was not valid. 
In my last column I asked if anyone 
knew where to find this information. 
After sending the column off to my 
editor, I received some e-mail with a 
new URL that does work (or did in 
August): hitp://www.uiuc.edu/ccso/work- 
station_grp/hp_proyect. 

That’s it for this time. Keep the com- 
ments and ideas coming. rl 


Chris Curtin, a software developer for Bradley 
Ward Systems, Inc. in Atlanta, Georgia, spe- 
cializes in device driver development for factory 
automation on the HP 9000. He can be 
reached via e-mail at: chris@bwilab3. atl. ga.us. 
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Large Databases Require _ 
New Solutions for Backup #!! i 


Backup 4 to 8 Gigabytes/Hour/Drive 
- INALLY! Store 20 to 40 Gigabytes/Tape 


 desoloons Libraries from 5 to 264 Cartridges 


DallasTools 


os Restore and Archiving 
- Software (eteror ee Networks 


Dallastone also sells and supports all major brands — 
Quantum, Breece Hill, ADIC and Odetics 


mT DALLASTONE 
: )) 2 Cote Lane 


Bedford, NH 03110 


Phone 603-647-8168 

Fax 603-624-2466 

Email dtool@delphi.com 
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Make the UNIX to MPE Connection 


IX/92- 


Full featured HP terminal emulation 


New! Version 6 


Faster File Transfer 
NS/VT Network Option 
Enhanced Script Language 


Available for: 


HP-UX Interactive UNIX SCOUNIX SunOS/Solaris 
Software Licensing Corp., Suite 280, 930 Tahoe Blvd. Unit #802 
Incline Village, NV 89451-9436 


Phone: (800) 831-0882 or (702) 832-0881 Fax: (702) 832-0883 
All trademarks are the property of their respective holders. 
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by David L. Totsch 


FREQUENTLY, I FIND MYSELF wanting to capture text that is on the console into my 
log book or into a file on the system. It would be nice to have an inexpensive printer 
lying around to attach to the printer port on the console when needed, but the 
adage “what you don’t use you lose” applies to any computing equipment that just 
sits, including cheap little printers with desiccated ribbons and yellowed paper. 
Usually, these messages are system messages or Tomb Stones recorded by the Service 
Processor. Always, it is text I want to capture for posterity or further investigation (yes, 
laziness is the mother of invention—and computers are the culmination of a lazy per- 
son’s dreams). These nifty little consoles, the “smart” terminals that they are, have 

° the information recorded in their memory. The difficulty is getting the informa- 
Capturing tion from the terminal’s memory into an ASCII file (without typing more that it 
would take simply to key in the message(s) ). 
Console ‘Text Actually, it really is not much trouble at all to get that information out of the ter- 
minal’s memory and into a file. Merely get the information you want captured dis- 
to a File played. Then, from a login, run the cat command to capture standard input to a file. 
Use the Scroll Down key or shifted arrow keys to move back in memory until the text 
you want to capture is displayed. Now press the enter key (not the Return key— 
the enter key is on the far right of the space-bar row). Every line that you display by 
depressing the enter key will be recorded in the file you have cat redirected into. 
When you have displayed all of the lines you want to capture, tell cat to stop by 
entering ctrl-d. The file you were running cat to now contains the lines you dis- 
played by pressing the enter key. 
Here is a description of capturing the help information from the Access Port 


on a T500: 
ctrl-b get the system’s attention 
and enter the Access Port 
(you should see the “CM>” prompt) 
he display the AP help information 
co return to console mode 
cat > myfile capture to ‘myfile’ 
press Scroll Down until the top 
line displays “CM> he” 
press Enter until you have captured 
all of the lines you want 
ctrl-d tell cat to stop capturing 
clear clear the screen (if you wish) 
cat myfile you should see the following: 
CM> he 


HP 28639A Access Port Revision 1.1 - 3245 


CA - Configure system remote support modem port. 


CO - Enter console mode. 
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New and Refurbished 
1000/3000/9000 HP Equipment 


NORCO — 


COMPUTER. SYSTEMS, INC. 


21337 Drake Road, Cleveland, OH 44136-6620 


(216) 
eMai 


CM> co 


572-4040 (800)-892-1920 Fax (216)-572-0636 
il: norcocomp@aol.com web: www.norcocomp.com 


The total product & service package can only be found at NorCo. 
Call today and see what we mean when we say, 
"New or used, NorCo means a good deal and a good deal more!"™" 


ISN'T IT TIME FOR NORCO? 
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Copy screen from local console to remote console. 


Disconnect line to remote console terminal. 


Disable access by a remote console terminal (enable session 


access). 


Disable display of system status line during console mode. 


Enable access by a remote console terminal (disable session 


access). 


Enable display of system status line during console mode. 


Display this screen. 


Lock remote (disable modem access) . 


Use RS command in SP mode. 


Transfer remote terminal from console/control to session mode. 


Enter Service Processor mode. 
Initiate Access Port selftest. 


Use TC command in SP mode. 


Send message between the local and remote console terminals. 


Unlock remote 


(enable modem access). 


Now, the next time the console coughs up some of those cryptic little foreign 


messages and you find yourself meticulously recording them in your log book, make 


the system do the work for you. Of course, the underlying requirement is that the 


system be operational. Sigh. You can 
always beg for an inexpensive printer 
to attach to the console...but that is 
another story. L 


After serving several different organizations 
over the past eight years as a system admin- 
istrator with various flavors of UNIX, David 
L. Totsch still enjoys the profession. He also 
enjoys discussing UNIX with just about any- 
one. At present, he is working with HP-UX 
systems and wide-area networks for a Fortune 
100 company in the Piedmont area of North 
Carolina. He can be reached via Internet: 
dtotsch@wfu.edu. 


hp-ux/usr «= november 1996 Bex 


Protect Your Computer 


As You Protect 


Your Business | 


Illustration by Michael Ehrhardt 
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by John A. Pezzano 


Basic computer security is like basic 
security in any other area. The concepts 
are the same; only the specific imple- 
mentation changes. Therefore, when 
researching information on how to explain 
to managers and administrators the basic 
steps to take to protect their computer sys- 
tems, I didn’t have to go to a technical 
library to define the concepts. I simply 
called my local police department’s com- 
munity relations unit and asked them for 
some brochures on protecting a small busi- 
ness from crime. The information they 
provided had all the steps needed. I just 
had to interpret them for the computer. 


Physical Security Procedures 

It is important that the perimeter of 
a computer system be protected from 
those who are trying to break in to it. 
The first line of defense against an out- 
side attacker is making sure the basic 
entryways to a system are secure. 


Make sure that all exterior doors are 
constructed of solid wood or metal for 
maximum security.! 

The doors of a computer system are 
its terminal connections. Solid doors 
require good passwords to keep a hacker 
from repeatedly beating against the sys- 
tem and breaking in through a weak 
password. Brute force methods, such as 
trying all sorts of common password 
combinations, are often used by the 
patient hacker. Good passwords, like 
solid doors, are hard to break. 

Good passwords are at least six char- 
acters long and have at least one 


non-alphabetic character. Common dic- 
tionary words, login names, or family 
names make for weak doors. Misspelled 
words (mispelld) , words with embedded 
numeric characters (such as hOuses 
instead of houses), words containing non- 
alphanumeric characters (mom pop-or 
better, mOm&pOp), first letters of phrases 
(apsiape for A penny saved is a penny 
earned) are all much more solid. 


For additional protection, a bar across 
the exterior of the door, held in place by a 
padlock, is good security. 

Use the extra level of a dialin password 
for additional protection for those 
exposed modem doors. It constitutes one 
more layer of protection and slows down 
the hacker attempting to break in. Like 
the construction of the door itself, the 
dialin password bar should have a pass- 
word that is difficult to break. The 
/etc/dialups and the /etc/d passwd files, if 
they exist, require that an additional pass- 
word be provided. This password is not 
user-dependent, but instead is based on 
the login shell program of the user. Since 
any port names specified in the dialups 
file require the use of the “dialin” pass- 
word, this added protection can be used 
not only for modems but for terminal 
ports out on the factory floor, for example. 


For maximum security, a dead bolt or 
jimmyproof rim lock with a one-inch bolt 
should always be used? 

For maximum protection, don’t let 
the hacker even get past the modem. 
Dialback modems, which require addi- 
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tional passwords or dial back the caller 
at a known location, provide maximum 
protection. As an adjunct or alterna- 
tive, there are security systems that 
require a special box that transmits a 
security key. Others have credit card 
sized displays that provide a key that 
changes every minute. 

When the doors are not in use, dis- 
able them. Modems and/or local ports 
can be disabled or enabled by selectively 
using init states. For example, iii state 
2 might enable all ports. At night when 
dialin terminals might be disallowed, 
change to znzt state 3, which permits 
local ports but not dialin ones. 

If you have a bank of modems, 
another possibility during off hours is 
to disable all but one high-security 
modem that has a separate number for 
administrator use only. 

Too often administrators fail to con- 
sider this most basic step: If you turn off 
the modems when they are not in use, 
nobody can dial in to them no matter 
how sophisticated they are. 


Lock unused doors.* 

Doors that are not going to be used 
for a while should be securely locked so 
they cannot be opened except from 
inside. Disable passwords for users on 
extended absence (long vacations, out 
of country, working on special projects 
where computer access is not needed, 
etc.). Simply replacing the password in 
the /etc/passwd file with an asterisk (*) 
results in that account being disabled 
as no password encrypts to this character. 


Continued on Page 24 
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Skylights, ventilation ducts, and fire 
escapes may tempt a burglar because 
they’re usually not visible from the street 5 

Alternate entrances to a system 
must be protected. Burglars don’t 
always come through a door or win- 
dow. They find any weak entrance, so 
look for them. 

Alternate root user names should 
be avoided if at all possible. Although 
sometimes necessary, alternate root 
user names are a weak point. Often 
these IDs are buried in the password 
file and so are forgotten. When an 
administrator leaves, these alternate 
IDs may not be removed or have their 
passwords changed. Since an alternate 
root user is often set up for conve- 
nience, many times the password is also 
chosen for convenience and fails to 
meet the stricter guidelines set for 
other users. 

Network capability that is not 
required should be disabled. If your sys- 
tem is, as most are, on a network, dis- 
able those features that are not 
required. If you use only telnet but not 
ftp or rcp, disable those capabilities by 
deleting the services in the /etc/services 
file or, for HP-UX, limiting access via 
the znetd. conf file. 

A common method of becoming 
the root user is to find suid programs 
or scripts. Suid programs give the capa- 
bility of the program owner to the pro- 
gram user. So, for example, while a 
user cannot edit the passwd file, he can 
change his own password by using the 
passwd program, which gives him root 
capability only for doing this one job. 
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Suid (set user id) programs run 
using the capabilities of the program 
owner rather than those of the user. 
Programs that must run suid should be 
known and checked. Suid programs 
must not allow ordinary users to write 
into them as this would allow a user to 
change their operation. 

Suid scripts are even more vulnerable 
and should be avoided if at all possible. 

To protect against forgotten or 
unknown suid programs and scripts, 
disks can be mounted so that the suid 
bit is ignored even if present. By lim- 
iting suid programs to one or two disk 
volumes and mounting the others 
without suid capability, even a forgot- 
ten potential entryway can be blocked. 


Some businesses may need to install an 
alarm.¢ 

When someone breaks into a system, 
an “alarm” should go off. Such alarms 
can be triggered by commercial security 
programs or public domain ones such as 
Tripwue, which checks for programs that 
have changed. In addition, the admin- 
istrator can write simple scripts that look 
for unusual activity and report on it. For 
example, a script might check for too 
many failed login attempts from a port 
or Internet address or too many dif- 
ferent user names trying to log in toa 
single serial port or modem. It is impor- 
tant that any security program not pro- 
vide so much information that essential 
data gets lost and missed. For example, 
if there are 100 root sus a day, a sum- 
mary report should filter out the 
expected ones such as root->root, cron 
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jobs, standard administrator user->root, 
etc., and display only those that are 
unexpected or that occur during odd 
hours. Otherwise, finding the unusual 
entries can be impossible. 


For an expert appraisal of your security 
needs, ask for a premises security survey 
by your local law enforcement agency, or 
check with a reputable professional 
consultant.’ 

There are numerous security pro- 
grams that you can run to do a secu- 
rity survey. C.O.P.S. (Computer Oracle 
and Password System) is a good 
general-purpose public domain secu- 
rity checker. It will test for weak pass- 
words, suid programs, the ability to 
break through known weaknesses, 
and more. 

SATAN is a public domain system 
administrator’s tool for checking net- 
work security. 

Crack is a public domain tool to do 
extensive testing of passwords. 

Third-party software packages are 
also available. The main advantage is 
that their reporting is more readable 
and understandable and support is avail- 
able from the vendor. 

An outside security consultant can 
give you an independent look at your 
security weaknesses and recommend 
improvements. Hiring such a consul- 
tant before your system is successfully 
attacked can save a lot of time, money, 
and heartache. Always verify the cre- 
dentials and integrity of any outside 
security consultant as you are expos- 
ing all your weaknesses to this person. 


Continued on Page 26 
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Data Center right, 
* ~# | 


hen your Data Center has 
problems it's a race against 
time until they are corrected. We have 
JMS to schedule and control your batch jobs, and 
CALLBACK to monitor and notify you of critical 
conditions. You will be notified by phone, pager or 
alpha pager of any user defined conditions or other 
problems that occur within your Data Center. 


JMS JoB MANAGEMENT SYSTEM 


JMS puts you in control of your Data Center with scheduling 
and execution of batch jobs. JMS has no command language 
to learn so it's easy to use and yet has sophisticated scheduling 
capabilities that are second to none. JMS network capabilities 
allow scheduling and job dependencies across the network. 
Restriction features allow you to limit those pesky system 
hogs. Ad hoc streamed jobs may be incorporated to allow 
complete batch job control. 


CALLBACK SYSTEM DOWN DETECTOR AND JOB 
NOTIFICATION SYSTEM 


Voice/Beeper/Digital or our new Alpha Pager notification for: 
¢ Adverse Temperature * Power Loss ¢ System Hangs ¢ Job 
Aborts ¢ Printer Status ¢ Physical Conditions ¢ User Requests 
* Logon Security * Reply Pending * Console Messages ¢ Special 
Job Events ¢ Spoolfile Scanning « And much more... 


We are the leaders in tools for the "Lights Out Environment." 
Call us today for a free 30 day demo. MPE/iX or HP-UX. 


Corporate Headquarters 

3470 Pipebend PI. NE ¢ Suite 120 * P.O. Box 13086 ¢ Salem, OR 97309-1086 
Phone: (503) 585-0512 ¢ FAX: (503) 585-1706  E mail: Design3000@aol.com 
International Sales Office 


System Software Intl. * Oakmoore Court ¢ Kingswood Road ¢ Hampton Lovett 
Droitwich, WR9 0QH, UK ¢ Phone: +44 (0) 1905 794646 « FAX: +44 (0) 1905 794505 
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Internal Security Procedures 

If someone penetrates your outer 
perimeter, you want to make it as diffi- 
cult as possible to do anything destruc- 
tive or to steal your data. 


Use an Underwriters Laboratory listed 
money safe, bolted to the floor....8 

When you need higher protection, 
you should turn on “Trusted Systems.” 
This provides U.S. Government com- 
pliant C2-level security. Trusted Systems 
optionally allows auditing to a high level 
of detail, although at the cost of system 
performance. At its most basic level, 
‘Trusted Systems provides for a secured 
password file. In ordinary UNIX, the 
encrypted passwords are visible to every- 
one. A prime method of attack is to gain 
access to a system as an ordinary user, 
then copy the password file and, using 
tools such as Crack, attempt to break the 
passwords offline. By providing a pub- 
licly viewablé password file that shows 
no passwords and a secure one that does, 
this method of attack can be thwarted. 

For a much higher level of security, 
the compartmentalized Bl-level UNIX 
provides for mandatory access control 
of files and separates the traditional root 
user capability into separate indepen- 
dent functional areas. Thus root might 
be given the capability to do everything 
except auditing and the audit user can 
check to see whether root is doing some- 
thing inappropriate. 


Avoid keeping large amounts of cash in 
view.? 
You don’t want to provide an entice- 
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ment to outsiders. The /etc/issue file 
should not contain anything that wel- 
comes users. It should also avoid pro- 
viding information that will identify the 
type, manufacturer, or revision of the 
system and should not provide any infor- 
mation on the company. Only autho- 
rized users should be able to get to the 
issue file. A simple trick is to have the 
login prompt (defined in /etc/inittab) 
changed for modem ports so that the 
system appears not to be a UNIX 
machine. Those familiar with UNIX will 
try known UNIX login names such as 
“root” and “quest.” 

Many businesses keep small amounts 
of ready marked cash in case of a robbery. 
In a similar vein, the “quest” account can 
be set up so that if anyone attempts to log 
in with that ID, an alarm is automatically 
triggered. 


Signs deter the shoplifter. They may state 
“Shoplifters will be Prosecuted.”1 

The /etc/motd (message of the day) 
or similar file should make it clear that 
the system is for authorized users and 
that violators will be prosecuted. It 
should also make the point that users 
understand that their actions on the sys- 
tem may be monitored. Businesses 
should consult with a knowledgeable 
attorney, if necessary, to help draft the 
correct wording. 

A sample file with explanation is avail- 
able from the Computer Emergency 
Response Team (CERT), operated by 
Carnegie Mellon University for the U.S. 
Government. CERT can be reached at 
cert@cert. org. 


Develop clear policies regarding security 
and theft! 

A written Security Policy is an 
absolute must for any organization. It 
should clearly state authorized and 
unauthorized activities and the penal- 
ties for violations of the policies. Issues 
such as what constitutes acceptable per- 
sonal use, viewing of other users’ files, 
downloading graphics files of ques- 
tionable taste, hacking other systems, 
etc., must all be addressed. Help in writ- 
ing security policies is available from 
reputable consultants. There are also 
commercial programs that will create 
customized policies. 

The Security Policy should also 
include an Jncident Plan that describes 
what action should be taken in case of a 
break-in. The appropriate sections of this 
plan must be readily available and under- 
stood by operators and others in case an 
incident occurs that requires attention 
before the administrator can be con- 
tacted. It should include the conditions 
and steps necessary to protect the system 
should a security incident occur. 


Include crime prevention information in 
your staff memos and newsletters ./2 
Security briefings should be held on a 
regular basis. Company or organization- 
al newsletters should include informa- 
tion on proper computer security. CERT 
advisories can be obtained from cert.org 
and such information should be distrib- 
uted to all administrators. For Hewlett- 
Packard systems, HP provides the ability 
for customers to be on a mailing list for 
security bulletins and advisories. 


8Protect Your Profits: Security Tips For Small Businesses, National Crime Prevention Council brochure 
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Train employees in proper cash handling 
and security measures. 

All users should be required to change 
passwords on a regular basis; the policy 
should be enforced by password aging. 
Users should be trained in the impor- 
tance of security to the organization. 

A default umask parameter for all users 
should be placed in /etc/profile or 
/etc/csh.login to provide default security that 
at the least denies write access to a partic- 
ular file unless specifically overridden. 

File security should be understood 
and used by all users. 


Alert employees may be your best 
defense .!4 

Employees should understand what 
the likely signs of a break-in are and 
should learn to watch for bizarre occur- 
rences, unusual activity, and strange 
changes on the system. Is someone 
logged in who is known to be on vaca- 
tion? Is there activity on certain ports 
at a time of the day when there usual- 
ly is none? Have some seemingly 
innocuous files been changed for no 
apparent reason? Do dialout telephone 
line charges seem unusually high or 
are they for destinations that don’t 
make sense? Are there unknown files 
on the system? Is there something that 
just doesn’t look right? 


Protect Against Employee 
Problems 

Your threats are not always from the 
outside. You have to protect against legit- 
imate users committing malicious acts 
and administrators misusing the system. 


ibid. 


Good key control is vital to any office 
manager or business owner. Make a “key 
list” of all individuals who have keys to 
the office or building.” 

The number of users who know the 
root password should be limited. If cer- 
tain users require root privileges for spe- 
cific activities, then only those users 
should be given added capability and 
only for the specific programs. Both 
commercial products as well as public 
domain programs provide such capa- 
bility. In addition, standard UNIX access 
control lists (ACLs) and more advanced 
user-specific ACLs such as those avail- 
able on HP-UX should be utilized. 

The root password, which is the 
master key, should be well protected and 
changed as often as necessary. Some 
organizations are afraid that the primary 
administrators may be unavailable when 
the root password is unexpectedly 
needed and so the password is given to 
extra people. An alternative is to keep 
the password locked in a high-level man- 
ager’s safe and require contacting that 
manager or the manager’s secretary to 
obtain it. Thus the password is available 
but someone outside the department 
now knows when it has been given out. 

Revision control systems provide a 
method of checking that key applica- 
tion programs are not changed, or if 
they are, help determine what changes 
were made. 


Require all terminated employees to 
hand in keys and have all locks rekeyed 
at least once each year.!6 

Passwords should be changed imme- 
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diately whenever an administrator 
leaves. Password Aging should be imple- 
mented to require that all users change 
their password on a regular basis. 

Changing modem numbers can 
eliminate the knowledge that ex- 
employees might have about how to get 
into the system. 


Maintain a log to record removal and 
return [of keys] .17 

Log system console output to a 
printer and avoid using the console for 
other purposes so that you have a log 
of key events. 

Printing the output of the sulog file 
provides a record of all attempts, suc- 
cessful or not, at becoming the root user. 


Your best defense is frequent and 
thorough inventory control .18 

Backing up frequently is the primary 
method of “inventorying” your files. 
System auditing adds another level of 
security as does turning on accounting. 
Auditing, which is used in Trusted 
Systems, can cause significant overhead, 
depending on the extent of auditing 
activated. 

On HP-UX, you can audit your sys- 
tem files with pdfck(1M) for 9.X systems 
and swverify(1M) for 10.X systems. Both 
of these provide a check of ownership, 
permission, size, checksum, links, and 
revision level. 

It is vital that your system adminis- 
trator do a regular audit of the passwd 
and group files to remove users who no 
longer use the system, and run COPS 


to do a regular checkup of the system. 
Continued on Page 28 
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Insurance and Enforcement 


Insurance won't prevent crime, but it can 
help reduce your losses .!? 

There are two types of insurance to 
be concerned about. One involves sys- 
tem procedures to protect yourself, 
such as good off-site storage of back- 
ups, reliable and competent adminis- 
trators, and loyal employees. In 
addition, the normal business insur- 
ance that protects against lawsuits and 
losses should be reviewed to see that it 
covers the following: 


® computer break-ins 

m employee destruction of system files 

m loss of data and productivity because 
of malicious internal or external users 

m liability for privacy violations or 
release of system information due to 
a break-in or user action 

m liability for users (both authorized 
and unauthorized) hacking into 
outside systems from within your 
system 


You need to know how to protect 
yourself financially and your legal 
obligations and responsibilities in case 
of a security incident. Senior man- 
agement should confer with legal 
counsel for advice. 


Burglary insurance requires certain 
security precautions.?° 

You have a certain obligation to pro- 
tect your business. If you do not, the 
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insurance company might believe that 
you failed to practice due care and 
might not be willing to insure a loss. 
Similarly, failing to take basic security 
precautions may be considered a lack 
of due care. 


If you discover a burglary has occurred 
in your place of business, do not disturb 
anything.?! 

Should a break-in or loss occur, it is 
important that you disturb as little as 
possible in order for someone to deter- 
mine what has happened. Date/time 
stamps on files will be changed by your 
recovering, viewing, or fixing files, and 
thus valuable information can be lost. 
You should take steps to protect the sys- 
tem and to maintain strict accountability 
for backups. 

You should know what constitutes 
legal evidence in case of a break-in 
before you have one. Do you know when 
computer information is considered 
“business records”? 


Cooperate fully with law enforcement and 
prosecutors .7? 

Often companies fail to report or 
prosecute computer crimes, particularly 
when an inside user is involved. The 
result is that those criminals are free to 
prey on other companies. You should 
be prepared to provide the police with 
the information you have on what hap- 
pened and when. You should learn how 
to gather such information or get a con- 
sultant who can provide it. 
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The boss who takes merchandise and 
office supplies without paying encourages 
employees to do the same.” 

You should practice good security 
yourself. This means that your passwords 
should meet strict criteria. You should 
not be using the computer for personal 
use not specifically authorized by your 
security policy for all users. If you use 
the computer to browse the Net and 
download files of questionable taste, so 
will your employees. 


The basic goal that you should pursue is 
to educate yourself and your employees in 
the actions and behaviors of most 
shoplifters .24 

You should understand how hackers 
break into systems and how they com- 
promise security so you can recognize 
the signs of a break-in and take steps to 
protect yourself. 


Learn about crime in your neighborhood 
and what 1s being done about it.?° 

Read books and articles on computer 
security and pass them on to your users 
so they know how to protect themselves 
and your system. There are numerous 
books available in computer stores and 
copies of the U.S. Government’s 
Rainbow Series are available from the 
National Security Agency, Fort Meade, 
Maryland, (410) 766-8729. Even many 
local law enforcement agencies can pro- 
vide information on protecting your 
computer. 
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Do You Know Where Your Security Holes Are? 
Find Them with SecurityAudit/UX! 


Have You Heard that UNIX is Notorious for Its Lack of Security Features? 
Do You Know Where to Check to See if Your HP-UX System is Secure? 
Do You Have the Time to Do This Checking Regularly? 

Use SecurityAudit/UX To Do It All! 


EVEN IF YOUR SYSTEM IS SET UP CORRECTLY (AND HOW WOULD YOU KNOW IF IT WAS?) AND HAS NO SECURITY LOOPHOLES, IT CAN 
BE VERY DIFFICULT TO MONITOR SYSTEM CHANGES, AND TO ENSURE THAT SECURITY ISN’T COMPROMISED. THE MAGNITUDE OF THE 
PROBLEM INCREASES AS THE TOTAL NUMBER OF USERS CONFIGURED AND THE TOTAL NUMBER OF FILES GROWS. IT’S EASY FOR 
ORDINARY USERS TO CHANGE THE SECURITY OF THEIR OWN FILES TO ALLOW OTHERS TO ACCESS THE CONTENTS. A LOOPHOLE LEFT 


BEHIND INADVERTENTLY OR ON PURPOSE MAY BE EXPLOITED BY A DISGRUNTLED EMPLOYEE OR A HACKER TO BREAK SYSTEM 
SECURITY, SOMETIMES MUCH LATER. 


SecurityAudit/UX PRODUCES OVER 40 REPORTS, CONTAINING DETAILED INFORMATION ON THE FOLLOWING CLASSES OF 
PROBLEMS: 


¢ User and Group-related problems, including weak passwords and non-unique identification numbers. 

° File-system related proklems, including historical tracking of files and detection of potential Trojan horses. 
¢ PDF-related security problems, extended to detect changes in ACL specifications. 

¢ Logging subsystems status display, and logfile analysis. 

¢ Network-related status display and configuration weaknesses. 


John Pezzano has been supporting the HP- SecurityAudit/UX RUNS ON ALL HP-UX BASED 9000 SERIES 700 AND 800 SYSTEMS, AND HAS BEEN SPECIFICALLY TAILORED TO 


ADDRESS PECULIARITIES OF HP-UX, SUCH AS PDF, ACL AND HP’S SHADOW PASSWORDS. 


UX operating systems for Hewlett-Packard 
for over ten years. He is the author of numer- Call EUGENE VOLOKH for more info! 
ous articles on a wide variety of topics pub- 
lished in hp-ux/usr and Interact magazines VE SOFT 1135 S. Beverly Drive 
from Interex. Pezzano currently works for HP Purveyors of Fine HP Software - ici — — 
in Atlanta where he is a member of the North (310) 282-0420 

Amencan Escalation team supporting HP- 

UX.. He specializes in serial data communi- 
cations and system security. CIRCLE 40 ON READER SERVICE CARD 
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Every once in a while, the lp spooler subsystem will appear 
to lock up or the spooler will consume large amounts of CPU 
time without printing anything. Most of the lockup problems 
were solved with the 9.0 release, but occasionally a problem 


may develop. This article presents the series of steps to take to 
get your spooler back on line. The first section covers the pro- 
cedure for HP-UX 10.x. If you are on Version 9.x, skip to page 
32 for the section on the procedure for HP-UX 9.x. 


HP-UX 10.x 


1. Do an /pshut command. This requires root and the com- 
mand is located in /usr/sbin/Ipshut. Now check to see if all 
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by Bill Hassell 


Ip processes have terminated with 
ps -ef | grep lp 


If you see processes such as /psched still running, kill these 
processes with kill -9, using the process ID number. 
These /psched’s are associated with printers (or scripts) that 
are having problems, so you may wish to note which 
printers are affected. The parameters passed to the model 
scripts will indicate the printer name. 

Change directories to /var/spool/lp and remove the two 
files at the beginning of the list: SCHEDLOCK and FIFO. If 
they exist, remove any files with the word “lock” in them, e.g., 
lpd.lock, tmplock, etc., and the file named Toutputg. 


2. Once all lp processes are gone, see that all printers are 
online and ready to print. Ifa printer is temporarily off line due 
to a paper jam or out of paper, use the disable command to 
stop the spooler from printing to that device. 

Now type lpsched to start the spooler again. If the Toutputq 
deleted in step 1 reappears in /var/spool/Ip when you restart the 
scheduler, remove it again and clear outputq (> /var/spool/Ip/out- 
putq). Type lpsched again to start the spooler once more. Check 
to see that printing is working and that nothing is hung. If all is 
well, the spooler is now fixed. Check on any printers that were 
associated with /psched’s that had to be killed manually. You may 
wish to start lp spooler logging to monitor spooler activity with: 


/usr/sbin/lpsched -v -a 


This will log printer activities into /var/adm/Ip/log and 
/var/adm/|p/lpana.log. /var/adm/Ip/log can be read with just a 
cat or more command, while reading /var/adm/Ip/lpana. log 
requires the /usr/sbin/Ipana command. 


3. Ifthe spooler still locks up, you can use SAM to help fix the 
problem. A copy of the spooler control files is made when- 
ever changes are made to the spooler using SAM. This means 
that the spooler can be recovered to this state using SAM’s 
Previously Saved State option. 

Once this is performed, start the spooler and check to see 
that all is well. Again, if problems develop, check the names 
of the printers that seem to be hanging the spooler to see if 
the printers are online. If not, use the disable command to 
take them out of active spooler status. 

Also check the log file in /var/adm/Ip/log. There may be 
some information about the spooler problems logged there. 
The JetDirect software always logs activities in this file and net- 
work activities are typically logged into the file /var/adm/sys- 
log/syslog.log (but check the printer/plotter selftest page to 
see if a syslog server has been established. 


4. If the spooler locks up again, the data in the pstatus file is prob- 
ably corrupt. Perform step | again. Now we need to make a list of 
all the printers currently in the system. Use lpstat -v to get this 
list, and make a permanent copy by redirecting it into a file as in 


lpstat -v > /tmp/lp.list. 


You'll also have a list of printers that are remote or located 
on other systems. The unprinted jobs in the spooler are located 
in the directory 


/var/spool/lp/request 


where each printer has a directory of print jobs that have 
not been completed. Each job creates a pair of files: a short 
control file and the actual data for printing. If none of the 
print jobs are important, these files can be removed (details 
in the next step). Otherwise, the individual data files can be 
moved to a temporary directory. Since many files may have 
been printed with special options, you should also move the 
control files to be used later in reprinting the jobs. 

Also note: If you have made customized model scripts in the 
directory /etc/lp/interface, make copies of these custom scripts 
in the directory /usr/lib/lp/model (the template directory). You 
may wish to rename the scripts in the interface directory since 
they will have the name of a printer. 

Special note for JetDirect-connected printers and plotters: 
The model scripts for these printers are in a directory one 
level below the interface directory called model.orig. Be sure 
to save any customized scripts found in that directory too. 

Also, the spoolkick procedure does not affect the bootp 
services used by JetDirect cards in this system; bootp is inde- 
pendent of the Ip spooler. 


5, With the spooler stopped, use lpadmin -x to remove every 
printer. If you have more than a few, you may wish to create a script 
to read the names of all the printers and run the lpadmin -x com- 
mand automatically. 

Once every printer has been removed, we need to move 
to the directory /var/spool/Ip to check on the remaining files 
and directories. Here is a summary of action steps: 


m Remove the files SCHEDLOCK and FIFO. 

m Clean the requests with rm -r /var/spool/1p/request /* 
Be sure to specify the /* at the end so that request will not 
be deleted. 
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mw The following directories must exist but have *NO* files 

in them: 
recevve 
request 

m The file segfile can be removed or you can edit it to con- 
tain an ASCH number as the starting point for the next 
print request ID. (As a note, segfilecan be changed at other 
times but only when the spooler is shut down and there 
are no pending jobs to print.) 

mw The file default should be zero-length. 

m Zero out the status files with: 
> pstatus (or you can use cat /dev/null > pstatus) 
> qstatus (or cat /dev/null > qstatus) 
> outputgq (orcat /dev/null > outputq) 
Do not remove these files. If they are removed, they must 
be recreated as zero-length files with the correct 
permissions and ownerships. 

m Now change directory to /etc/Ip 

mw The following directories must exist but have *NO* files 
in them: 
cinterface 
class 
info 
interface 
member 
sinterface 

m Finally, we must verify that the existence, links, ownerships, 
and permissions are correct. At HP-UX 10.0 and higher, 
there is a very useful command: swveri/y. With this com- 
mand, you can verify the entire Ip spooler file set. Just use: 


swverify PrinterMgmt .LP-SPOOL 


If you get the message “Analysis Phase had errors,” check 
the file 


/var/adm/sw/swagent.log. 


It will report any missing files or incorrect ownerships 
and permissions, which you will have to fix. Note: It will 
also run swverify on any dependent products and mark 
them with a “+” symbol. 


Once swverify reports “Analysis Phase succeeded,” we have 
completed the cleanup of the spooler. 
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Note: If you are using JetAdmin software to print to network 
printers, you will also need to run: 


swverify HPNP 


Again, fix any incorrect permissions or missing file 
problems until swver/y reports “Analysis Phase succeeded.” 
To verify that all is well, use /usr/sbin/lpstat -t 


/usr/sbin/lpstat -t 
scheduler is running 


no system default destination 


At this point, we can add the first printer, preferably one that 
is close by so we can verify operation immediately. Start by 
testing a directly connected printer (either serial or parallel). 
You can use SAM to add the printer or the commands: 


/usr/sbin/lpshut 
/usr/sbin/lpadmin -p<prn> -v<devfile> -m<model> 
/usr/sbin/accept <prn> 


/usr/bin/enable <prn> 


where: <prn> is a name for the printer, <dev/ile> is the device 
file, and <model> is the model script to be used from the 
choices in /usr/lb/Ip/model. Then, test the printer with: 


lp -d<printer-name> /etc/group 


which will produce a one-page (or so) listing of the group file. 

This should completely restore operation of the lp spooler. 
Be sure to check on the latest patches. As of this writing, the 
latest patches are: 


PHCO_7102 10.00, 10.01 (cumulative lp spooler patch) 
PHCO_6632 10.10 (cumulative Ip spooler patch) 


You can obtain these patches from the HP Response Center, 
or through electronic means from HP Support Line. Connect 
to the Web service through 

hitp://support.mayfield. hp.com. 


HP-UX 9.x 
This section describes the SpoolKick Procedure for 9.xx 
and earlier. 
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the spoolkick procedure 


1. Do an /pshut command. This requires root and the com- 
mand is located in /usr/lib/ipshut. Now check to see if all Ip 
processes have terminated with 


ps -ef | grep lp 


If you see processes such as /psched still running, kill these 
processes with kill -9, using the process ID number. These 
lpsched’s are associated with printers (or scripts) that are hav- 
ing problems, so you may wish to note which printers are 
affected. The parameters passed to the model scripts will indi- 
cate the printer name. 

Change directories to /usr/spool/ip and remove the two files 
at the beginning of the list: SCHEDLOCK and FIFO. 


2. Once all lp processes are gone, see that all printers are 
online and ready to print. If a printer is temporarily off line, 
use the disablecommand to stop the spooler from printing to 
that device. 

Now type lpsched to start the spooler again. Check to 
see that printing is working and that nothing is hung. If 
all is well, the spooler is now fixed. Check on any printers 
that were associated with lpsched’s that had to be killed man- 
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ually. You may wish to start lp spooler logging to monitor 
spooler activity with 


/usr/lib/lpsched -v -a 


This will log printer activities into /usr/spool/lp/log and 
/usr/spool/Ip/ipana.log. /usr/spool/ip/log can be read with just 
a cat or more command, while reading /usr/spool/lp/lpana. log 
requires the /usr/lib/ipana command. 


3. If the spooler still locks up, and you are running HP-UX 
Version 9.0x, you can use SAM to help fix the problem. If you 
are running 8.0x or earlier, skip this step. 

At 9.0x, a copy of the spooler control files is made whenever 
changes are made to the spooler using SAM. This means that 
the spooler can be recovered to this state using SAM’s 
Previously Saved State option. 

Once this is performed, start the spooler and check again. 
If problems develop, check the names of the printers that 
seem to be hanging the spooler to see if the printers are online. 
If not, use the disable command to take them out of active 
spooler status. 

Also check the log file in /usr/spool/Ip/log. There may be 
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some information about the spooler problems logged there. 
The JetDirect software always logs activities in this file and net- 
work activities are typically logged into the file /usr/adm/syslog 
(but check the printer/plotter selftest page to see if a syslog 
server has been established). 


4. If the spooler locks up again, there may be corruption in 
the outpuig file. Stop the spooler with /usr/lib/Ipshut, check 
that all copies of lpschedare gone (ps -ef | grep lpsched), 
and then zero the outputg file with 


cat /dev/null > /usr/spool/lp/outputq 


Don’t remove the file, since it must exist with the right per- 
missions and ownerships; truncating the file to zero length is 
safer. Now try lpsched again. 


5. If the spooler locks up again, there is probably data cor- 
ruption in the pstatus file; perform step 1 again. Now we need 
to make a list of all the printers currently in the system. Use 
lpstat -v to get this list, and make a permanent copy by re- 
directing it into a file as in 


lpstat -v > /tmp/lp.list 


If you are running Version 9.0 of HP-UX or have the 
spooler patch for 7.0 and 8.0, then you'll also have a list of 
printers that are remote or located on other systems. 

The unprinted jobs in the spooler are located in the 
directory 


/usr/spool/lp/request 


where each printer has a directory of print jobs that have 
not been completed. Each job creates a pair of files: a short 
control file and the actual data for printing. If none of the 
print jobs are important, these files can be removed (details 
in the next step). 

Otherwise, the individual data files can be moved to a tem- 
porary directory. Since many files may have been printed with 
special options, you should also move the control files to be 
used later in reprinting the jobs. 

If /pstat did not provide a list of the remote printers with 
their remote computer hosts, you’ll need to create a list of 
these printers manually. 

Also note: If you have made customized model scripts in the 
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directory /usr/spool/Ip/interface, make copies of these custom 
scripts in the directory /usr/spool/Ip/model (the template direc- 
tory). You may wish to rename the scripts in the interface 
directory since they will have the name of a printer. 

Special note for JetDirect-connected printers and plot- 
ters: The model scripts for these printers are in a directo- 
ry one level below the interface directory called model.orig. 
Be sure to save any customized scripts found in that 
directory too. 

Also, the spoolkick procedure does not affect the bootp 
services used by JetDirect cards in this system; bootp is inde- 
pendent of the Ip spooler. 


6. With the spooler stopped, use lpadmin -x to remove every 
printer. If you have more than a few, you may wish to create 
a script to read the names of all the printers and run the lpad- 
min -x command automatically. 

Once every printer has been removed, we need to 
move to the directory /usr/spool/lp to check on the 
remaining files and directories. Here is a summary of 
action steps: 


m Remove the files SCHEDLOCK and FIFO. 

| Clean the requests with rm -r /usr/spool/l1p/request/* 
Be sure to specify the /* at the end so that request will not 
be deleted. 

m The following directories must exist but have *NO* files 
in them: 
cinterface 
class 
info 
interface 
member 
receive 
request 
sinterface 

m The file segfile can be removed or you can edit it to con- 
tain an ASCII number as the starting point for the next 
print request ID. (As a note, segfilecan be changed at other 
times but only when the spooler is shut down and there 
are no pending jobs to print.) 

m The file: default should be zero-length. 
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= Zero out the status files with: 
> pstatus (oryoucan use cat /dev/null > pstatus) 

> qstatus (orcat /dev/null > qstatus) 
> outputq (orcat /dev/null > outputq) 
Do not remove these files. If they are removed, they must 
be recreated as zero-length files with the correct permis- 
sions and ownerships. 

m Finally, we must verify that the existence, links, ownerships, 
and permissions are correct. With HP-UX 8.0 and higher, 
there is a very useful command: pdfck. With this command, 


you can verify the entire lp spooler file set. Just use 
/usr/bin/pdfck /system/LP-SPOOL/pdf£ 


This will report on any missing files or incorrect owner- 
ships and permissions. Once pdjck finds no errors, we have 
completed the cleanup of the spooler. To verify that all is 


well, use: 
/usr/bin/lpstat -t 
The output should be something like: 


/usr/bin/lpstat -t 
scheduler is running 


no system default destination 


At this point, we can add the first printer, preferably 
one that is close by so we can verify operation immedi- 
ately. Start by testing a directly connected printer (either 
serial or parallel). You can use SAM to add the printer or 
the commands 


/usr/lib/lpshut 
/usr/lib/lpadmin -p<prn> -v<devfile> -m<model> 
/usr/lib/accept <prn> 


/usr/bin/enable <prn> 
where: <prn> is a name for the printer, <dev/ile> is the device 
file, and <model> is the model script to be used from the 


choices in /usr/spool/lp/model. Then, test the printer with 


lp -d<printer-name> /etc/group 
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which will produce a one page (or so) listing of the group file. 

This should completely restore operation of the Ip spooler. 
Be sure that the latest Ip spooler patches have been applied. 
For all the Op Systems: 


REV PLATFORM PATCH 

1.0 300/400 PHCO_0545 (basic spooler fixes) 

800 PHCO_0543 (basic spooler fixes) 

8.0 300/400 PHCO_ 1433 (basic spooler fixes) 
PHCO_ 1968 (OTC printers) 


800 PHGO_ 1432 (basic spooler fixes) 

PHNE_3526 (X.25 printing) 

PHCO_ 1437 (basic spooler fixes) 
( 


8.07 700 
PHNE_ 3526 (X.25 printing) 
9.0 300/400 (none) 
9.x 700/800 PHCO_ 7033 (basic spooler fixes) 


PHCO_ 5898 (PCLO scripts) 
PHSS_3223 (Aprop and divpage) 
PHCO_ 5370 (TSM printing) 

PHCO_ 4303 (/pa/t and other problems) 


You can obtain these patches from the HP Response Center, 
or electronically via HP Support Line. Connect to the Web 
service through hitp://support.mayfield. hp.com. il 


Bill Hassell is an HP-UX systems support engineer in the HP Response 


Center in Atlanta, Georgia. 
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Programming 


This article provides an overview of programming with 
Berkeley Sockets on an HP-UX workstation. The level is tech- 
nical but very basic, with lots of background and review mate- 
rial. More advanced readers may wish just to read the source 
listings. The concepts are applicable to almost any UNIX system, 
of course, and I'll provide some example programs written in 
C. I will discuss the terminology of networking and sockets, 
including TCP and UDP, and some client-server issues—includ- 
ing two different types of servers, and how sockets work. 

Fundamentals and theory will be first, including termi- 
nology and other related topics that are needed to make 
appropriate decisions when programming with sockets. Then 
I'll cover the sockets API (Application Programming Interface), 
including various function calls and the data structures used 
by them. Once that has been accomplished, I’ll present a sim- 
ple as possible server to illustrate the various concepts with a 
concrete example. Next, I’ll provide a real-life example of a 
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one-way UDP client-server system that is straightforward to 
program yet provides a service that is still in use today. The 
whole idea is to take the “magic” out of sockets programming 
and show that this sort of thing is not all that difficult, pro- 
vided you understand the fundamental issues involved. If 
you're already sitting at a shell prompt, you can look at the 
files under /usr/netdemo/socket and /usr/netdemo/af_unix/dgram 
to see some example programs under HP-UX 9.X. 

You should already understand programming concepts 
(UNIX environment is helpful) and also have some under- 
standing of networks and operating systems. All examples will 
be given in C. I will make an effort to explain both the syntax 
and the source, but keep in mind there are always several dif- 


ferent ways to toggle the same bits. 


Networking with HP-UX 
In this article, we will assume that networks can support 


the DARPA Internet protocol suite, commonly referred to as 
TCP/IP. The IP portion of that moniker stands for Internet 
Protocol, which provides the packet delivery service (includ- 
ing routing) for other, higher level protocols such as UDP, 
TCP, and ICMP. At the IP layer, every packet can be considered 
independent of every other. This way, packets can be routed 
individually, since each contains both the source and desti- 
nation address. 

It is worthy of note that a single IP packet sent from machine 
A to machine B may arrive at machine B as several IP packets 
that, combined, contain the information in the packet sent 
from machine A. This phenomenon, referred to as fragmen- 
tation, can occur at the most inconvenient of times. It is also 
worthwhile to note that the IP protocol simply discards any 
packets that it finds in error (e.g., bad CRC checksum, too 
large, too small). It is up to the higher level protocols such as 
TCP, UDP, or ICMP, or the sockets programmer, to handle 
this situation, should it occur. I’ve used a lot of acronyms in this 


paragraph, and it is important to understand what they mean 


and imply. So, the next section is a quick review of terminol- 
ogy, concepts, and protocols. 
First, some definitions : 


TCP is a connection-oriented protocol that provides a reli- 
able, full-duplex connection between processes that is used 
like a “stream of bytes” from one process to another. 

UDP is connectionless in that it provides only an unreli- 
able message exchange medium for interprocess communi- 
cation. 

ICMP is yet another protocol used for providing status and 
control information. It is typically used for router configura- 
tion and ping(1). 


Terminology, Protocols, and Ports 
Every TCP/IP implementation must support a minimum 
IP datagram size of 576 bytes. Many UDP applications (DNS, 
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TFTP) only send up to 512 bytes of user 
data to stay within this limit and there- 
fore guarantee that no fragmentation 
occurs, since this happens only when an 
IP datagram exceeds the underlying net- 
work’s MTU (Maximum Transmission 
Unit-the largest “thing” that can be sent 
at one time). For Ethernet, this is about 
5K or so. By definition, the maximum 
IP datagram size is 65,535 bytes, or 64K. 
The sockets programmer needs to be 
aware of these constraints when design- 
ing client-server systems so that perfor- 
mance will not be adversely affected. 
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Another concept to be aware of is 
the effect of protocol encapsulation, 
illustrated in Figure 1. This shows how 
much overhead is involved in sending a 
packet. In this example, there are no 
fewer than 42 bytes of overhead per 
packet. Since the minimum packet 
length for Ethernet is 72 bytes, there 
may even be additional “padding” of 
packets. 

When dealing with networking pro- 
tocols, it is sometimes helpful to refer 
to the ISO 7-layer model. See Figure 2 
for a depiction of how Berkeley Sockets 


fits into this model. The model is meant 
to accommodate many protocols, and 
so our usage of it will have the three 
highest layers implemented in the appli- 
cation program. In fact, this is exactly 
the issue that will be addressed in the 
examples (i.e., session, presentation, 
and application). 

A socket is an endpoint of commu- 
nication. It is one side of a full-duplex 
connection. A connection is a commu- 
nication link between two processes. An 
association is a 5-tuple (a group of exact- 
ly five things) that completely specifies 
the two processes that comprise a con- 
nection—for example, [protocol, |- 
address, l-process, f-address, f-process]. 
A half-association is also called a socket. 

A connection is two sockets; each 
socket can both send and receive (full 
duplex in datacom parlance). 

The port numbers and their classifi- 
cations are illustrated in Figure 3. Port 
numbers below 1024 imply superuser, 
or root access, since these ports are des- 
ignated as reserved. Ports are imple- 
mented by 16-bit positive integers in 
HP-UX. Some standard port numbers 
and protocols are 21/TCP for the ftp 
service and 23/TCP for the telnet ser- 
vice. Note that TCP and UDP port num- 
bers are independent of each other. 
That is, there can be a UDP server on 
port 21/UDP and also a TCP server on 
port 21/TCP, and they both operate on 
different ports. Remember the defini- 
tion of a socket? It included the protocol, 
so that is why the same port number can 
be used simultaneously with two differ- 
ent protocols. You can look at the file 
/etc/services for a list of the protocols and 
ports already defined on your system. 

Figure 3 also indicates that there is a 
group of what are known as “ephemer- 
al” ports, numbered between 1024 and 


Stuck using tar’? 
(or foackup, cpio, or dump’) 


What a sticky mess! Standard UNIX backup utilities force you to glue 
on scripts to make them work right, have performance like molasses, 
user interfaces that are clear as pitch, and reliability that could 
drag your career down into a pit. It’s time to kick asphalt. Load 
BACKUP/9000 (it takes less than 10 minutes), and automate 
super fast, reliable backups and restores on any networked 
system via its slick user interface. Let BACKUP/9000 back 

up your Oracle databases hot, track tapes and files, manage 
media, schedule backups, etc. Don’t get stuck - get 

something faster, easier, and more reliable. Contact us 

for a free demo today, before things get really messy. 


ORBIT. 


GROUP INTERNATIONAL o \ 


+1-800- 890RBIT 
+1-510-837-4143 
Fax +1-510-837-5752 
info @orbitsw.com 
www.orbitsw.com 


sockets programming 


IANA Ports 
(reserved) 


FIGURE 4 


HP-UX Port Numbers 


© [ANA = Internet Assigned Numbers Authority 


e TCP ports and UDP ports are independent of each 
other, since the IP header specifies the protocol in use 
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socket 


accept() call performs the transfer 
from the well-known socket to the 
individual socket for this client, 


Once initiated, ALL communication between 
client and server use this new, unique connection, 


5000 inclusive. These ports are typical- 
ly assigned by the system as the result of 
a special system call. This is explained 
in the next paragraph. The important 
concept to understand is that the par- 
ticular number of an ephemeral port 
doesn’t matter, because it will be com- 
municated to the client process as part 
of the special system call. Ephemeral 
ports are used when a server will need to 
communicate with many clients simul- 
taneously and will therefore need a sock- 
et for each client, in addition to the 
“well-known” socket that clients use to 
initiate a connection. 

In order to implement a concurrent 
server, that is, a server that can provide 
service to more than one client at a time, 
the server must be able to handle sev- 
eral different ports at a time. Fortunately, 
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HP-UX (and UNIX in general) makes 
this relatively easy by providing the spe- 
cial system call accept. 

The accept() call automatically allo- 
cates a random socket from a pool and 
associates this new socket with the serv- 
er process. The server process then bases 
all future communications with the 
client process on this new socket. Using 
this method makes it much simpler to 
code a concurrent server, since the 
clients don’t really care which socket is 
used by the server, as long as they can 
initiate the communication using the 
socket that they already know. An illus- 
tration of how this process works can be 
seen in Figure 4. 


Client-server Basics 
Client-server separates the process- 


ing performed by an application pro- 
gram based upon real-world usage data. 
Thus, distributed programs using today’s 
networks are more powerful than sin- 
gle processor systems. Client-server pro- 
vides a flexible, scaleable, modular 
architecture for doing business. One of 
the problems with process-to-process 
communication is named the “ren- 
dezvous problem.” This refers to the dif- 
ficulty in synchronizing the actions of 
processes that not only execute at speeds 
measured in nanoseconds but are like- 
ly to be executing on different hardware 
as well. The rendezvous problem is 
solved by (1) having the server start first, 
and (2) having clients initiate connec- 
tions. In this way, the server is usually 
“waiting” for clients, and the problem 
is reduced to one of connection estab- 
lishment, rather than process synchro- 
nization. In order to do this, the client(s) 
must know where to find a server or 
servers before any type of connection 
can be made. So, we can define a server 
as a process that is waiting to be con- 
tacted by a client process so that the serv- 
er can do something for the client. 


Forms of Client-Server Communication 
In general, client-server systems are of 
two basic types: connection-oriented and 
connectionless. The major dependen- 
cy is whether the server needs to main- 
tain its state between client requests. I 
will discuss both and give an example 
of a connectionless server in this article. 
I have also provided examples of sever- 
al other more sophisticated servers and 
clients in the Additional Code section 
of the November hp-ux/usr on the 
Interex Web Site (Aittp:/, ur. interex. org). 
In connection-oriented protocols, the 
clients send one or more requests over 
the connection to the server. This is 


much like a file, or pipe between the 
two processes, providing the appear- 
ance of a “stream of bytes” between 
them. Connection-oriented protocols 
are best used when a request or 
response can be large, when the appli- 
cation protocol involves a continuing 
dialogue, or when the application 
requires reliable transport. 

For systems that have one or more 
of these requirements, the transmission 
control protocol (TCP) is widely used. 
This protocol guarantees an error-free 
byte stream between the communicat- 
ing processes. There is more overhead 
associated with using TCP, but many 
times the benefits of getting the correct 
data in the correct order outweigh the 
cost of the extra packets. Some of this 
extra cost is illustrated in Figure 5, which 
shows the packets involved in setting up 
and shutting down a TCP connection 
(the 3-way handshake). Note that these 
seven packets are required for every con- 
nection, regardless of how much data 
is sent over the connection. In general, 
systems using TCP have little or no con- 
trol over the size or the number of pack- 
ets transmitted. 

For systems that are more message- 
oriented (where each message is 
independent of every other), a connec- 
tionless protocol can be used. This has 
the advantage of being lightweight 
(meaning minimal network traffic) 
and easier to program since the server 
can process each and every request 
independently. 

The client places each request in an 
individual message and sends it to the 
server. The server then typically sends 
a response back to the client in a reply 
message. Be aware that this does not 
imply reliable transport, and only a “best- 
effort” message delivery service is pro- 


vided. The protocol most often used for 
connectionless systems is UDP, also 
referred to as the “You Do it Protocol.” 
That means that the developer is respon- 
sible for any and all errors, including 
the following : 


mM a message never arrives at its desti- 
nation 

m™ messages are duplicated by the net- 
work 

m™ messages arrive out of order 


For obvious reasons, connectionless 
protocols are best suited for relatively 
simple systems. Some examples of sys- 
tems that use UDP are SNMP (Simple 
Network Management Protocol) and 
DNS (Domain Name Service), although 
it’s worth mentioning that both of these 
systems can switch to a connection-ori- 
ented protocol when circumstances 
require (with large amounts of data or 
when security is a must). 


FIGURE 5 
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Concurrency, Process Control, and 
Signals 

For completeness, this section discusses 
some aspects of process control on UNIX 
systems. This is mainly required for dis- 
cussing concurrent servers, but many 
client-server systems use a concurrent serv- 
er, and it’s also good background material. 

Anew process is created only when an 
existing process executes the /ork() func- 
tion. fork creates a copy of the process that 
was executing. The process that called 
the fork() function is called the parent, 
and the new process is called the child. 
Fork() is the only function that is called 
once but returns twice (once in the par- 
ent, and once in the child), with differ- 
ent values. Next, a new program gets 
executed only when an existing process 
issues the exec() function. execreplaces the 
current process with the new program. 

While most computers and operat- 
ing systems today provide the appear- 
ance of concurrency (more than one 
program running at the same time), 
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FIGURE 6 


TCP Connection Sequence 


Client Server 


socket socket 
connect bind 
write listen 
read accept 
close read 
write 
close 


true concurrency is achieved only with multiprocessor sys- 
tems. UNIX provides apparent concurrency with time slicing. 
Server programs can use fork and exec to provide apparent 
concurrency for servicing more than one client at a time. 

signal() is another widely used system call. This function 
allows a user-written event handler to be installed (and called) 
when the user process receives a signal. I have used the alarm() 
call along with the signal() call to provide “time-out” func- 
tionality for a UDP-based client server system. A code frag- 
ment that illustrates how to do this is shown below. First, we 
define a signal handler named timeout(), which first just re- 
installs itself and then increments a counter when called. Next, 
we define the signal handler in the main program. After that, 
we use the alarm() system call to set an alarm interrupt for 20 
seconds in the future. Now, we can loop sending UDP pack- 
ets to a server and waiting for a reply. If we send 5 packets 
without any reply, we will exit the loop and exit the program 
since the server is apparently unreachable. 


/* This is the signal handler routine*/ 
static int timeout () 


{ 


signal (SIGALRM, &timeout) ; 
alarm( (unsigned long) 20 ); 


packet_count++; 


} 

/* This shows how to use a signal handler. First we set up the 
signal routine */ 

signal (SIGALRM, &timeout) ; 

alarm( (unsigned long) 20 ); 

/* Now we enter the packet-sending loop */ 


while ( packet_count <5) { 


rem p-ux/usr = november 1996 


/* send UDP packets here */ 
if ( sendto() ) /* this means our send worked OK, and we can exit */ 
return(0); 
} 
/* we only get here if all 5 packets timed out */ 
signal( SIGALRM, SIG_IGN ); 


return( -5 ); 


Using Berkeley Sockets-TCP 

TCP sockets on most UNIX systems use the same conven- 
tions as files. That is, open ... read/write ... then close. This 
model works well because the socket is basically a “stream of 
bytes” just like normal files in the UNIX environment. The 
syntax for doing this is only slightly different from that for 
files, mostly because opening a socket requires information 
about the socket number, which host to connect to, and so 
on. There are a significant number of system calls related to 
sockets programming, so I have summarized some of them 
in 7able 1. 1 will refer to these function calls throughout the rest 
of this article. Many of these will use data structures for pass- 
ing data, so it is helpful to understand both the data struc- 
tures and how the elements are used by the different functions. 
Some of these are specific to connectionless protocols (UDP) 
and some are for TCP protocols. I have used almost all of 
these in the examples, but I would suggest that the reader 
refer to the system man pages for more details about these 
functions on your system. 

The sequence for setting up a TCP connection is illustrated 
in Figure 6. The arrows indicate where looping (or iterations) 
takes place. Calling sequences for both client and server are 
depicted, and the interaction is basically when one writes, the 
other reads, and vice versa. There is a little more overhead (in 
the form of more calls) on the server side because the server 
has to request a specific port number and then “listen” on that 
port for clients to connect. 

In order to create a socket, one must initialize it first. 
This involves specifying such things as which protocol to 
use, which IP address to connect to, and which port num- 
ber to use (the 3-tuple). The socket address structure is 
used to provide this functionality. A definition is shown 
below. The only complication here is that the IP address 
is also defined as a structure. So, the code defines two struc- 
tures, an Internet address structure (in_addr), and a sock- 
et address structure (sockaddr_in). The definition for the 
socket address structure contains an Internet address. 


TABLE 1 Berkeley Socket Calls 


ce a 


setsockopt change options for a socket 


/* This is the Internet address structure */ /* include files for network stuff */ 
struct in_addr { #include <netinet/in.h> 
ulong = s_addr; /* 32-bit netid/hostid */ #include <sys/socket .h> 


3 


#define bzero(ptr, len) memset((ptr), NULL, (len) ) 


* ; ; * 
POUEIRE 35 hie Rhee Sees! EUCUELAES r/ struct sockaddr_in myaddr; /* declare a socket address 


struct sockaddr_in { 
structure */ 
short sin_family; /* AF_INET */ ; 
int mysocket; /* declare a socket descriptor */ 
u_short sin_port; /* 16-bit port number */ 


struct in_addr sin_addr; /* 32-bit hostid/netid - Internet address */ 
mysocket = socket (AF_INET, SOCK_STREAM, 0); /* create socket */ 
char sin_zero[8]; /* unused */ 


a 


bzero( émyaddr, sizeof (myaddr) ) ; /* initialize the socket address 


The example below illustrates the use of the socket address aie 


structure. This example uses the socket call to create a socket 90°": Si"famly = AFINET; 1 ES ae Se ee 
and the Lind call to bind the socket created to a port. Once the EASE 
socket has been created (as a TCP socket in this case, using myaddr.sin_addr.s_addr = INADDR_ANY; /* allow connections from ANYONE */ 
SOCK_STREAM), it then has various parameters set to (1) myaddr.sin_port = 35000; /* set up the port number */ 
be an Internet socket, (2) accept connections from any other 
IP address, and (3) use a port number of 35000. /* now, bind the socket */ 

After this, the socket is ready for use. bind(mysocket, (struct sockaddr *) smyaddr, sizeof (myaddr)) ; 
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An Example Server 

To provide the most basic example possible that is still a 
concrete one, the code shown below defines a “simple as pos- 
sible” server using TCP. This server has no error checking 
whatsoever. First, there are several include files for defining data 
structures that will be used. There is also a definition for the 
port number that we will use, named PORTNUM. This server 
consists of a single main() function. 

Within that main function, first two sockets are declared, one 
for the server and one for the client. Next, a data buffer is 
declared for receiving data from the client. Finally, a socket 
descriptor is declared. Now, we begin execution with the sock- 
et function call, which (as we already know) creates a socket. 
This socket is defined as being an Internet stream socket, 
which (to us) means the TCP protocol will be used. Next, we 
initialize the socket descriptor, specifying that the address fam- 
ily for this will be Internet, that we will accept any IP address 
that requests a connection, and finally that we will listen on 
TCP port number 9999. 

Now we use the bind system call to bind this socket to a port 
(using our socket descriptor), and then we will listen for client 
requests. The 5 parameter in the listen call specifies that TCP 
will queue up to five clients requesting that port for us. If we 
get more clients than that before the server can service the 
first one, any further connections will be lost. 

Next, we enter a do-while loop where we accept client con- 
nections on our socket, read 256 bytes from each client into 
our buffer, and then terminate the connection. We will do 
this forever, or until the server process is interrupted. 

This illustrates the basic programming steps required to 
code an iterative TCP server. 


/* NO error checking at all for this example, the idea is to make this as EASY to 
read as possible. This is the “SIMPLE AS POSSIBLE” server */ 

#include <stdio.h> 
#include <sys/types.h> 
#include <sys/socket.h> 


#include <netdb.h> 


#include <netinet/in.h> 


#define PORTNUM 9999 
Main () 
{ 


/* this socket is for the client */ 
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int client_sd, 


server_sd; /* this socket is for the server's LISTEN socket */ 


char buffer [256]; /* this declares a buffer to hold the client data */ 
struct sockaddr_in name; /* this declares a socket descriptor */ 


server_sd = socket (AF_INET, SOCK_STREAM, 0); /* this CREATES the socket */ 


name.sin_family = AF_INET; /* these assignments will set up the descriptor */ 
name.sin_addr.s_addr = INADDR_ANY; 


name.sin_port = PORTNUM; 


bind(server_sd, (struct sockaddr *) mame, sizeof(name)); /* this BINDS our socket */ 


listen (server_sd,5); 


/* put socket in passive (LISTEN) mode */ 
do { 

client_sd = accept( server_sd, (struct sockaddr *) 0, (int *) 0); 

/* accept client’s request for a connection */ 

read(client_sd, buffer, 256); /* read the client’s data into buffer */ 
close(client_sd) ; /* terminate the connection */ 
} while (1); 


} /* end of main */ 


An Example One-Way UDP system 

This entire client-server system is contained in Listings 
1-4, These are (1) acommon header file (notify_tsl.h), (2) 
server code (collectd.c), (3) client code (notify_tsl.c), and (4) 
an example data file. 

This system was created to provide statistics about software 
usage. The client is basically a function that takes whatever 
information the user wishes to provide (in the form of two 
character strings), and sends it to the server (along with a local 
timestamp), where the information is written (along with a 
timestamp from the server and the client’s IP address) to a log 
file. The log file can then be processed to see which IP address- 
es are using which applications, and when. Since this system is 
relatively simple and message-oriented, it uses UDP for com- 
munication from client to server. Note that this communication 
is one-way only, and the client performs a “blind send,” never 
knowing if its data was ever actually received. This was found 
to be acceptable in HP’s network, since our error rate for a 
single UDP packet was .001-.002 percent. The server is iterative, 
since the time to process a client request is small (just write to 
the log file), and lightweight in terms of resource usage. 


notify_tsl.h 
This header file contains includes for various header files 
that are required to support different system features, along 
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LISTING 1 


notify_tsl.h 


[* 
Filename: notify _tsl.h 


This is the COMMOM header file for the TSL STATS collection 
client/server code modules, it contains GLOBAL defines, includes 
and a TIMESTAMP function. 

Written by Andy Phillips and Ricky Ralston 2/94. 

1] 

#include <stdio.h> 

#include <stdlib.h> 

#include <sys/socket .h> 

#include <sys/utsname.h> 

#include <sys/types.h> 

#include <netinet/in.h> 

#include <time.h> 

#include <netdb.h> 

#include <malloc.h> 

#include <unistd.h> 

#include <signal .h> 


#ifndef SERVICE NAME 
#define SERVICE NAME 
#endif 


“collect” /* service in /etc/services */ 


#ifndef COLLECTOR PORT 
#define COLLECTOR PORT 22315 
#endif 


/* UDP port number for service */ 


#ifndef COLLECTOR SERVER NAME 
#define COLLECTOR SERVER_NAME “example.atl.hp.com” /* STATS server */ 
#endif 


#ifndef DAEMON HELLO 
#define DAEMON HELLO 
#endif 


“TSL STATS Collector ver B.02 daemon started “ 


#ifndef LOGFILE 
#define LOGFILE 
#endif 


“/usr/appstats/tsl.app.data” 


#ifndef BUFFERSIZE 
#define BUFFERSIZE Big /* maximum size of packet 
#fendif 


#ifndef SERVER DATA SEPARATOR 
#define SERVER DATA SEPARATOR “ “ 
#endif 


/* for writing LOG file */ 


#ifndef CLIENT DATA SEPARATOR 
#define CLIENT _DATA SEPARATOR ‘“@” 
#endif 


/* for WS-COE data */ 


#ifndef TIMESTAMP FORMAT 
#define TIMESTAMP FORMAT 
#endif 


"SY-Sm-%d ST %a 3Z “ /* shared between C/S */ 


#ifndef TIMESTAMP LENGTH 
#define TIMESTAMP LENGTH 
#endif 


extern int errno; 


void timestamp ( loctime ) 
char *loctime; 
{ 

time_t timer; 

struct tm *timeptr; 


/* get local timestamp */ 

time (&timer) ; 

timeptr = localtime(&timer) ; 
strftime(loctime, TIMESTAMP LENGTH, TIMESTAMP FORMAT, timeptr) ; 
/* timestamp */ 
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This program implements the collectd server for TSL stats 
collection. It listens on udp port 22375 ( which is in 
etc/services ) for datagrams from clients. Each datagram is 
processed iteratively by extracting the source IP address 
from the datagram along with the data, writing this to a 
log file ( /usr/appstats/tsl.app.data ), then appending 

a timestamp. 


#include “notify _tsl.h” 


/* 
* MAIN 


This routine starts the server. It forks, leaving the child 

to do all the work, so it does not have to be run in the 
background. It sets up the socket, and for each incoming 

packet, it writes a record. Each packet consists of an 
application name, version number, and associated data. 

The server will extract the source IP address from each packet 
and write this, along with the applications name,version, and data 
to the logfile. A timestamp is then appended to the record, and the 
transaction is complete. 


int packet_cnt ; 
char begin_time [TIMESTAMP LENGTH] ; 


void show_status () 
{ 

char nowtime [30]; 
char msgbuff [255]; 


(void) signal (15, show status) ; 
timestamp (nowtime) ; 


sprintf (msgbuff, "Collectd started on %s \nENDING on %s \n, %ld packets. \n", 
begin_time, nowtime, packet_cnt) ; 


printf ("“%s",msgbuff) ; 
} /* show_status */ 


main(argc, argv) 

int argc; 

char *argv[]; 

| 
int addrlen; 
char *inet_ntoa(); 
char *startup_time; 
char “ptr; 
char *ProgName; 


char loctime[TIMESTAMP LENGTH] ; /* holds timestamp */ 

ant i; /* loop counter for signals */ 

int s; /* socket descriptor */ 

int co; /* contains the number of bytes read */ 
char buffer [BUFFERSIZE] ; /* buffer for packets to be read into */ 


struct hostent *hp; /* ptr to host info 4 requested host */ 
struct servent *sp; /* pointer to service information */ 


struct sockaddr_in myaddr_in; /* for local socket address */ 
struct sockaddr_in clientaddr_in; /* for client socket address */ 
char *reqaddr; /* for client host’s address */ 
FILE *fd, *fopen(); /* for the LOGFILE */ 


/* Get program basename */ 

tl lotr = strrchyiaray(/0), (/))) == NULL) 
ProgName = argv(0]; 

} else ProgName = ++ptr; 


LISTING 2 


collectd.c, continued 


/* init counter */ 
packet_cent : 0; 


/* Ignore all signals */ 
for(i = 1; 1 <= NSIG; i+#) sional (1,SicG icy). 


signal (15, show_status) ; 


/* clear out address structures */ 
memset ((char *)&myaddr_in, 0, sizeof(struct sockaddr _in)); 


memset ((char *)&clientaddr_in, 0, sizeof(struct sockaddr _in)); 


/* Set up address structure for the socket. */ 
myaddr_in.sin_ family = AF_INET; 


/* The server should receive on the wildcard address, 
rather than its own internet address. This is 
generally good practice for servers, because on 
systems which are connected to more than one 
network at once will be able to have one server 
listening on all networks at once. Even when the 
host is connected to only one network, this is good 
practice, because it makes the server program more 
portable. 

ue 
myaddr_in.sin_addr.s addr = INADDR ANY; 


/* Find the information for the “collect” server 

* in order to get the needed port number. 

+] 

if ((sp = getservbyname (SERVICE_NAME, “udp”)) == NULL) { 
fprintf(stderr,"%s: %s not found in /etc/services\n’, 

ProgName, SERVICE NAME) ; 

exit(l): 

} 


/* Verify the port information */ 
if (sp->s_port != COLLECTOR PORT ) { 
fprintf(stderr,”%s: %s should be on port %d not %d\n", 


ProgName, SERVICE NAME, COLLECTOR_PORT, sp->s_port); 


exit (1); 
} 


/* Now, set the servers’ port address */ 
myaddr_in.sin_port = sp->s_port; 


/* Create the socket. */ 

if ((s = socket (AF_INET, SOCK _DGRAM, 0)) == -1) { 
perror (ProgName) ; 
fprintf(stderr,”%s: unable to create socket\n", ProgName); 
exit (1); 

} 


/* Bind the server's address to the socket. */ 

if (bind(s, &myaddr_in, sizeof(struct sockaddr in)) == -1) { 
perror (ProgName) ; 
fprintf(stderr,”%s: unable to bind address\n", ProgName) ; 
exit (1); 


Now, all the initialization of the server is 
complete, and any user errors will have already 
been detected. Now we can fork the daemon and 
return to the user. We need to do a setpgrp 

so that the daemon will no longer be associated 
with the user’s control terminal. This is done 
before the fork, so that the child will not be 

a process group leader. Otherwise, if the child 
were to open a terminal, it would become associated 
with that terminal as its control terminal. It is 
always best for the parent to do the setpgrp. 


setpgrp() ; 


switch (fork()) { 

case -l: /* Unable to fork, for some reason. */ 
perror (ProgName) ; 
fprintf(stderr,”%s: unable to fork daemon\n", ProgName) ; 
exit (1); 


iti collectd.c, continued 


case 0: /* The child process (daemon) comes here. */ 
/* Close stdin, stdout, and stderr so that they will 
* not be kept open. From now on, the daemon will 
* only report to the LOG file. This daemon 
* will loop forever, waiting for requests and 
* responding to them. 
a 


/* Open log file */ 
if ((fd = fopen(LOGFILE,"a”)) == (FILE *)NULL) { 
perror (ProgName) ; 
fprint£(stderr,”%s: Unable to open $s. \n", ProgName, 
LOGFILE) ; 
exit(1); 
} 


/* Show server daemon is OK upon invocation */ 
timestamp (loctime) ; 

strepy(begin_time,loctime); /* save startup time */ 
startup_time = malloc(strlen (DAEMON HELLO) +sizeof (loctime) )- 
sprintf (startup_time,”%s %s”, DAEMON HELLO, loctime); 
fprintf(stdout, ”%s”,startup_time); 

close(stdin) ; 

close(stdout) ; 

close(stderr) ; 


fprintf (fd, "%s\n",startup time); 
fflush (fd) ; 
free(startup_time) ; 


/* The SERVER code is what happens inside this loop */ 
forts;) | 
/* Note that addrlen is passed as a pointer 
* so that the recvfrom call can returm the 
* size of the returned address. We don’t 
need this info. anymore, but it’s good 
* to understand anyway. 
17 
addrlen = sizeof(struct sockaddr in); 


This call will block until a new 
request arrives. Then, it will 
return the address of the client, 

and a buffer containing its request. 
BUFFERSIZE - 1 bytes are read so that 
room is left at the end of the buffer 
for a null character. 


if ((cc = recvfrom(s, buffer, BUFFERSIZE - 1, 0, 


&clientaddr_in, &addrlen)) == -1) exit(1); 


/* Make sure the message received is 
* null terminated, the recvfrom returns 
* the length of the data received. 
a 
butfer|cc|='\0'; 


/* get local timestamp */ 
timestamp (loctime) ; 


/* Extract the source IP address from the 
* datagram. 
a) 
reqaddr = inet_ntoa(clientaddr_in.sin addr) ; 


/* Now, write the time, IP address and the data to the 
* loghle record and flush to disc */ 

fprintf£(fd,”%s %s %s \n”, loctime, reqaddr, buffer ); 
fflush ( £d) ; 

packet_cnt++; /* count packets processed */ 


} /* for loop */ 
default: /* Parent process comes here. */ 


exit (0); 
} /* case stmt */ 


} /* end collectd */ 
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LISTING 3 


notify_tsl.c 


NOTIFY @35.¢ 


This program uses a datagram socket to transfer 2 char strings 

to the TSL server r3125sv2.atl.hp.com on port 22375. It sends a single 
UDP packet (< 512 bytes) and does NO error checking. It can be used 
either as a C function call ( this code ), or as a “wrapper” 

that can be called from a shell script or the command line. 


#include “notify _tsl.h” 


int notify _tsl ( app, appdata ) 
char *app; 
char *appdata; 
{ 
int s; /* socket descriptor */ 
char loctime[TIMESTAMP LENGTH] ; /* holds timestamp */ 
struct hostent *hp; * pointer to host info for server host */ 
struct sockaddr_in myaddr_in; /* for local socket address */ 
struct sockaddr_in servaddr_in; /* for server socket address */ 
static char stats_data[BUFFERSIZE]; /* buffer for counter data */ 


/* clear out address structures */ 
memset ((char *)&myaddr_in, 0, sizeof(struct sockaddr_in)); 
memset ((char *)&servaddr_in, 0, sizeof(struct sockaddr _in)); 


/* Set up the server address family to be Internet. */ 
servaddr_in.sin_ family = AF_INET; 


/* Get the host information for the server’s hostname 

* assume that DNS (or /etc/hosts) is setup and works OK */ 
hp = gethostbyname (COLLECTOR_SERVER_NAME) ; 

if (hp == NULL) return(-1); 


/* Set the IP address using the data structure from gethostbyname */ 
servaddr_in.sin_addr.s addr = ((struct in_addr *) (hp->h addr))->s_ addr; 


/* Set the port number. */ 
servaddr_in.sin_port = COLLECTOR _PORT: 


/* Create the socket. */ 
= socket (AF_INET, SOCK _DGRAM, 0); 
-1) retur(-2); 


/* Bind socket to some local address, a port 
* number of zero will be used so that the system will 
assign the first available port number. An address 
of INADDR_ANY will be used so we do not have to 
look up the internet address of the local host. 
») 
myaddr_in.sin_ family = AF_INET; 
myaddr_in.sin port = 0; 
myaddr_in.sin_addr.s addr = INADDR_ANY; 
if (bind(s, &myaddr_in, sizeof (struct sockaddr in)) == -1) 
retumm(-3) ; 


/* get local timestamp */ 
timestamp (loctime) ; 


/* init DATA to be sent timestamp+name.version+data */ 
sprintf (stats_data,"%s %s %s”,loctime, app, appdata) ; 


/* Send the request to the server. */ 
if (sendto (s, stats data, strlen(stats data), 0, &servaddr_in, 
sizeof (struct sockaddr_in)) == -1) 
return (-4) ; 
return (0) ; 


} /* end notify tsl */ 
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Example Data File 


TSL Collector daemon started on : Mon Dec 13 14:47:00 EST 1993 


1993-12-13 14:50:32 Mon EST 192.41.7.106 1993-12-13 14:48:35 Mon EST ANDYISTTEST.00 
here is my DATA 


1993-07-15 07:46:23 Mon EDT 192.50.117.143 1993-07-15 07:47:02 Mon EDT CDB.MOD.D.05 
Runs: 1 Adds: 0 


1994-01-14 09:32:30 Fri EST 192.41.7,109 1994-01-14 09:32:08 Fri EST NSC Admin Tool 
(LEEMAH) USER: leemah client 


1994-01-14 14:30:11 Fri EST 192.41.7.108 1994-01-14 14:31:25 Fri EST fview.alpha 
Uses: 1 Reads: 1 Help: 1 


1993-03-15 03:18:03 Fri EST 192.163.192.44 1993-03-15 09:18:12 Fri MET PostnoteXm: 
4,03 Machine: 9000/710, HP-UX: A.09.0 


1996-03-15 06:16:09 Fri EST 192.50.133.187 1996-03-15 06:16:24 Fri EST Helpdesk 
Status Board rev. 4.11 MACHINE: i13125g17 


1996-03-15 06:48:32 Fri EST 192.32.121.44 1996-03-15 06:48:46 Fri TSL CMSMGR A.02.04 
ZAM CMSDB 


1996-03-15 06:57:45 Fri EST 192.32.121.44 1996-03-15 06:57:59 Fri TSL CMSMGR A.02.04 
MD CMSDB 


1996-03-15 07:54:04 Fri EST 192.50.113.43 1996-03-15 07:55:20 Fri TSL SMLOGON 
A.01.01 1SH094:SYS.MANAGER 


1996-03-15 07:55:57 Bra HST 192 50. 113.43 1996-03-15 07:57:08 Fri vs 
A.01.01 ISE117:SYS.MANAGER 


with global defines that are used by both client and server (to 
help keep them in synch). I strongly suggest using a common 


header file when developing client-server systems. It aids greatly 
in keeping the application protocol the same between client 
and server. Lastly, a timestamp function that is used by both 
client and server is defined. 


collectd.c 

This is the server code. It includes the common header 
file, declares a counter and a buffer, and defines an interrupt 
service routine. The rest of the code is a single main function 
that provides all of the server functionality. Within this func- 
tion, variables are declared for sockets, counters, and buffers, 
as well as a log file for saving data from each transaction. Next, 
variables are initialized, and interrupts are ignored except for 
signal 15, which writes the current time and packet count to 
the log file. 

Next, we use getserubyname() to check /etc/services for the 
configured port number. This allows us to change the server 


port by editing the /etc/services file. Now 
we can create and initialize the server’s 
socket and bind it to a port. After this, 
the server is ready to become a dae- 
mon, and so it will perform several sys- 
tems calls to facilitate this. Once the 
child process has successfully become 
a daemon, it opens the log file, writes 
a startup message, and begins an infi- 
nite for loop. This loop contains a 
recufrom() call to get both that data and 
the IP address from clients. If the 
recufrom call fails, the server terminates; 
otherwise, it will just wait indefinitely 
for clients to send messages. Every time 
recufrom() is successful, a timestamp is 
generated, the IP address of the client 
is extracted from the UDP packet, and 
the client data along with this infor- 
mation is written to the log file. The 
packet count is then incremented, and 
the loop continues. 


notify_tsl.c 

This contains the client code. 
Basically, this function (which takes two 
character string parameters) simply puts 
a timestamp and the two parameters into 
a UDP packet and sends it. 

It was designed to be as lightweight as 
possible (so end users would not be 
affected). The code contains variables 
for the socket and two address struc- 
tures, along with a local buffer. First the 
hostname is looked up (so we can use 
DNS), the socket is created and bound, 
and a timestamp is generated. Once that 
has been accomplished, a data buffer is 
loaded with the client data and the time- 
stamp, and then this buffer is sent in a 
UDP packet to the server. 

Example data generated by this sys- 
tem can be seen in Listing 4. Note the 
two timestamps (one from the client 
and one from the server) that allow 
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detection of time zone differences (and clock skew). 
This concludes this article on sockets programming. If you have further ques- 
tions regarding this material, you may e-mail me. My address is ajp@atl.hp.com. 1 


Andrew J. Phillips is an information technology engineer within the AFO Technology Solutions 
Lab in Atlanta, Georgia. In the 11 years he has worked for HP, he has been a telecommuni- 
cations engineer, a system manager, and a program analyst. 
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Book Review 


The Dilbert 
Principle 


At-a-Glance 


Title: 
The Dilbert Principle: A Cubicle’s-eye 
View of Bosses, Meetings, Management 
Fads, & Other Workplace Afflictions 


Author: 
Scott Adams 


Publisher: 
United Feature Syndicate, Inc., 
1996, 336 pages. ISBN: 0-88730- 
787-6 


Price: 
$20.00 
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EASILY THE MOST IMPORTANT book 
about managing a company since 
Reengineering the Business. A no-holds 
barred, cut to the chase, “we’re all in this 
together” look at corporate America. 
This book is written by one of the most 
influential authors on management in 
our time, so you'll want to keep a copy of 
it on your desk to know how to evaluate, 
understand, and respond properly to 
the memos and edicts from senior man- 
agement, which strives to make your jobs 
easier and more enjoyable. 

Yeah. Right. 

For those who don’t know who Scott 
Adams or Dilbert are, pick up this book 
at your local bookstore, open to page 61 
and read the first couple of paragraphs 
of “Your Input Is Important to Us.” Then 
look at the cartoon on the bottom of 
page 188. Or get your daily paper and 
look for the Dilbert comic strip. It is usu- 
ally in the Business section. Or look at 
the geeky, engineering types at the local 
mall or technical bookstore. At least 100 
will have a Dilbert T-shirt on. (I can call 
them “geeky, engineering types” because 
I am one of them. ;-) 

The table of contents pretty much 
describes the tone and approach of the 
book: 


Forward: Big Opening 
Introduction: Why Is Business So 
Absurd? 
Chapter 1 The Dilbert Principle 
Chapter 2 Humiliation 
Chapter 3 Business Communication 
Chapter 4 Great Lies Of Management 
Chapter 5 Machiavellian Methods 
Chapter 6 Employee Strategies 
Chapter 7 Performance Reviews 
Chapter 8 Pretending to Work 
Chapter 9 Swearing: The Key to 
Success for Women 
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Chapter 10 How to Get Your Way 

Chapter 11 Marketing and 
Communications 

Chapter 12 Management Consultants 

Chapter 13 Business Plans 

Chapter 14 Engineers, Scientists, 
Programmers, and Other 
Odd People 

Chapter 15 Change 

Chapter 16 Budgeting 

Chapter 17 Sales 

Chapter 18 Meetings 

Chapter 19 Projects 

Chapter 20 ISO 9000 

Chapter 21 Downsizing 

Chapter 22 How To Tell If Your 
Company Is Doomed 

Chapter 23 Reengineering 

Chapter 24 Team-building Exercises 

Chapter 25 Leaders 

Chapter 26 New Company Model: 
OA5 


Scott Adams was an engineer, living 
in a cubicle, when he started drawing 
Dilbert, an engineer, living in a cubicle, 
working for an idiot boss. (Scott insists 
that most of his material is from e-mail 
he has received. Do you believe him?) 

Unlike the other Dilbert books, this 
book is not just a collection of old 
comic strips you can read all at the 
same time instead of having to wait for 
tomorrow's newspaper (or Web site 
update). In this book, Adams explains 
(or attempts to explain) many of the 
actions to which management subjects 
its employees. 

The commentary is sprinkled with 
humorous footnotes, comics from the 
daily series, and actual e-mail from 
readers, minus the headers and em- 
ployee and company names to protect 
the stupid. I very much enjoyed his style 
of writing, often insulting himself (check 


out the footnote on page 197) and 
leaving nothing sacred. 

While humor is the delivery vehicle, 
a lot of what he is presenting is unbe- 
lievable. Even looking at the topics he 
covers and assuming some degree of 
exaggeration, the policies and tasks of 
management he describes made me 
cringe several times. 

In the last chapter, the author 
changes direction completely and 
describes what he sees as the perfect 
company. After reading about all the 
horrible, stupid, and dangerous actions 
companies take, he opens himself up 
for criticism by defining a model he 
would use to run a company. Not to 
spoil the ending, do not read the last 
chapter first. It has a greater impact 
when read after the rest of the book. 

Okay, maybe I'll ruin the ending a 
little bit. The best idea presented in the 
whole book is: (Guess what, I can’t print 
it here. After all this is a “family” maga- 
zine. See page 321, Item #1.) 

As for the opening paragraph of this 
review, I’d think about your manage- 
ments style before leaving this book on 
your desk. They may realize you are on 
to them. El 


Chris Curtin, a software developer for Bradley 
Ward Systems, Inc. in Atlanta, Georgia, spe- 
cializes in device driver development for factory 
automation on the HP 9000. He can be 
reached via e-mail at: chris@bwilab3. ail. ga.us. 
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Performance Advisor is the ultimate on-line 

performance tool for HP 9000 systems. 
With instant access to performance data 
as it happens, system managers can opti- 
mize performance, identify bottlenecks, 
increase throughput and solve perfor- 
mance problems quickly and easily. 


For more 
information or a 
FREE 30 day trial 

copy, call today at: a3 
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Performance Beyond Expectation 
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ROBUST, RELIABLE, 
USER-FRIENDLY DELIVERY 
OF MESSAGES ANYTIME, 


ANYWHERE 


e Email forwarded to pager automatically 

e Pages can be generated from scripts 
and network monitoring programs 

e GUI and command line interface 

¢ Works with any paging service 

° Automatic email confirmation, history 
logs and error reporting 

e Client-server technology 

e Works with digital and alphanumeric 
pagers 


Personal Productivity Tools 
for the Unix Desktop 


14141 Miranda Rd 

Los Altos Hills, CA 94022 
Email: sales@ppt.com 
Tel: (415) 917-7000 

Fax: (415) 917-7010 
http://www.ppt.com 
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Windows NT 


Installing 
NT 4.0 
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by Bob Combs 


THE INSTALLATION OF A new operating system can be fairly intimidating if you haven't 
gone through it before. But like most tasks, it’s really quite straightforward once you've 
done it. There are a few things you need to check and a few things you should know before 
starting. I'll detail what to expect to get your Microsoft Windows NT 4.0 installed. 


Before You Begin 

Before you begin, you should refer to Microsoft’s Hardware Compatibility List 
(HCL). The HCL manual is included in the box with Windows NT, is online at 
Microsoft’s Web site, and is on the Microsoft TechNet CD-ROM. It lists all the known 
computer models and peripheral devices supported by Windows NT. I always use this 
manual to look up my computer, disk, CD-ROM, video card, and SCSI controller (if 
any), before starting any installation. Some of the devices have footnotes associated 
with them. Pay particular attention to these, since they usually point out potential 
problems with that particular card or device. If you have a disk, controller, CD- 
ROM, or video board that is not listed on the HCL, the odds are you may not be able 
to generate a system on that computer. 

The computer should have a minimum set of resources. Microsoft claims that the 
machine should have a minimum of 12 MB of RAM and 75 MB of free disk space. 
Microsoft recommends, however, that the computer have 16 MB of RAM. I’ve found 
that a full system will use about 125 MB of disk space and needs at least 16 MB of 
RAM. I prefer 32 MB of RAM for my workstation, which improves the speed of most 
programs. If you’re planning on installing Microsoft Office and a development 
language, you'll want at least a 1-GB disk drive. 

If you've checked your hardware on the HCL and verified that you have enough 
resources, you'll need to note a few items before you start the installation. 


= Computer name a name you assign to your computer 

m Administrator password your local super-user password 

m Network IP address the IP address assigned to your computer 

m Network Subnet mask the subnet mask associated with your IP address 
m Default gateway IP address _ the IP address of your segment’s router 

m DNS IP address the IP address of the DNS you use 


The first two items, computer name and administrator password, are needed for 
all installations. The last four are needed only if your computer is connected to a net- 
work that uses TCP/IP. The last two are needed if your network is connected to the 
Internet. If you have any questions about the last four, ask your server administra- 
tor or local network services person. 


Ways to install 

Windows NT can be installed from Windows 3.1, from another version of Windows 
NT, or onto a new blank system. While you can install Windows NT from floppies, 
I’m assuming a CD-ROM for installation. 

Installing to a blank new system means you'll use the three (3) setup floppies that 
come with the CD-ROM. (You can always recreate these floppies from the CD-ROM 


using “WINNT /O”.) Boot the Setup flop- 
py and follow the directions to install NT. 

Installing on top of Windows 3.1 or 
Windows NT can be performed with- 
out the floppies by running the instal- 
lation program directly from the 
CD-ROM. If the CD-ROM drive is drive 
letter D:, and we’re installing onto an 
Intel-based computer, then the D:\i386 
directory contains the installation files. 
You can install Windows NT onto an 
existing Windows 3.1 or Windows for 
Workgroups 3.11 system (16-bit systems) 
by running D:\:3S6\WINNT. If you are 
installing onto an existing Windows NT 
or Windows 95 system (32-bit systems), 
run D:\i386\WINNT32. 

The standard operation of WINNT 
is to (1) create setup floppies, (2) copy 
files to a temporary disk directory 
($WIN_NT$.~LS), and then (3) boot the 
setup floppy to start the installation. Since 
we already have the setup floppies, and 
would prefer not to have to load them 
anyway, I use the parameter switch WINNT 
/B to run without the floppies, i.e., don’t 
create them and don’t load them. 

Towards the end of the installation 
process, you are asked for a blank flop- 
py to create an “Emergency Repair 
Disk.” This floppy is very important for 
repairing the configuration and 
accounts of your particular system. But 
because you'll be adding additional 
items to the system after the initial instal- 
lation, you'll probably have to recreate 
the repair disk again later. Therefore, I 
tend to skip this process during the ini- 
tial installation by adding the /X switch 
to WINNT. My typical install string looks 
like D:\i386\WINNT32 /B /X to start the 
install process from Windows 95 or 
Windows NT. Later I create the repair 
disk by running the NT program RDISK 
from the Start/Run prompt. 


Installation Process 

Staring WINNT/WINNT32 from the 
CD-ROM will copy files to the hard disk 
and then ask to restart the computer. 

After restart, a special limited instal- 
lation NT system boots up. It detects 
hardware and chooses drivers for the 
devices it detects. You must choose from 
options such as Upgrade, Repair, and 
New Installation, depending upon 
whether a previous NT system is 
detected on the disk. I want to point out 
that when it detects mass storage devices, 
ensure that your CD-ROM or interface 
is listed. If not, type ‘S’ to specify addi- 
tional devices and add it to the list. 
Otherwise the install will fail a few steps 
later when it looks for floppies instead 
of the CD-ROM. 

Also, if you have a multiprocessor 
computer, then when the Computer 
Configuration is presented, highlight 
the “computer” definition and press 
enter. You'll then be asked for the man- 
ufacturer’s driver disk, which contains 
the multiprocessor HAL driver supplied 
with your machine. 

You'll be asked to format a partition 
or accept the current partition to install 
into. The default answers will guide you 
if you're unsure. When asked the ques- 
tion of which file system to use, FAT or 
NTES, I answer NTFS. The FAT file sys- 
tem is compatible with MS-DOS, 
Windows 95, or OS/2, allowing dual 
boot configurations. I prefer NTFS 
because it allows full NT security. 

The install program then scans the 
hard drive for corruption and then 
restarts the computer again. 

Windows NT 4.0 has a new look 
when the computer reboots this second 
time. It has a new installation wizard to 
make installation easier using the 
Next/Back dialog boxes. After you 


accept the license terms, files are copied 
to the NT directories. 

When asked for the installation type, 
choose “Typical” unless you know what 
you're doing. 

You'll be asked for your name, company 
name, and then the name of your com- 
puter. Then you'll be asked for the pass- 
word you re assigning to the Administrator 
account. Don’t forget this password! 

You have a choice of creating the 
Emergency Repair disk or not, and then 
are asked about networking. Choose the 
networking connection types (modem or 
direct connect) that you'll use; and the 
protocols(TCP/IP, IPX, or NetBEUI) in 
use on your network. 

If you are asked about DHCP, answer 
“no” unless you know that your IP 
addresses are dynamically served and 
support DHCP. 

If you use modem dial-up network- 
ing, answer “yes” to RAS networking. 
You'll then be asked to detect the 
modem and configure it. 

Finally, you are asked to select your 
time zone, and the system cleans up. 
The Emergency Repair disk is then cre- 
ated, if selected, and the system restarts 
to bring up your Windows NT system. 

Pressing Ctrl-Alt-Delete will pop up 
the logon dialog box, where the user 
name of Administrator and the pass- 
word you selected can be entered. You'll 
notice that the 4.0 shell looks like 
Windows 95. Have fun exploring the 
similarities and differences between 
Windows 95 and Windows NT 4.0! 0 


Bob Combs is the Director of Systems 
Architecture at PCSI in Englewood, New 
Jersey, a company specializing in chent-server 
technology. He is a Microsoft Certified Systems 
Engineer (MCSE) and holds a master’s degree 
in electrical engineering. 
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Internet Goodies 


Software 
Activities 
Picking Up 
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A NUMBER OF INTERESTING pieces of 
software were announced on Usenet 
during the last two months. Activities 
are picking up. My Web site (such as it 
is) has changed. You can now find me 
described at http://www. topshot.com/ 
joeberry. html. 


COMP.INTERNET.NET- 
HAPPENINGS 


weblint (v 1.017) 

This program proves that you need 
to keep your finger on many Usenet 
newsgroups or you will miss some nice 
programs. Weblint is a Perl program that 
analyzes html files for syntax errors. A 
wonderful tool for Web page developers, 
weblint is similar to the lint syntax 
checker for C programs. Weblint requires 
Perl 4 or 5 to run. This software, by Neil 
Bowers <neilb@cre.canon.co.uk>, is available 
via the Web at hitp://www.cre.canon.co.uk/ 
~neilb/weblint/ or via ftp as ftp.cre.canon.co. 
uk/pub/weblint/weblint-1.017. tar. gz. It 
installs in a few seconds. 


GNU.EMACS.SOURCES 


e-mh-alias.el 

I do my e-mail using the mh package 
(see the Goodies column in the March 
1996 issue). While I sometimes use mh 
directly, I more typically use it within the 
editor emacs. This emacs elisp file 
extends the basic mh offering by doing 
automatic name completions for aliases 
in the mh-letter buffer. This is for lazy 
people such as myself. 


rmime.el 

This is another great little mh add- 
on for emacs users. More and more 
often I get mime-encoded e-mail. These 
are e-mail messages that have self- 
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describing descriptors added to the 
beginning, allowing you to send pictures 
and other kinds of non-textual docu- 
mentation. With rmime, you simply 
enter control-c twice on the line that 
describes the enclosure and the appro- 
priate viewer is executed showing you 
what was sent. 


COMP.SYS.HP.HPUX 


tcbdump v 3.2 

In the previous issue of hp-ux/usr, I 
discussed the program tcpdump 
(Version 3.0) and mentioned that 
although this is a very useful and pow- 
erful tool, it did not run on HP-UX Sys- 
tems. This latest version of tcpdump and 
its companion libraries libpcap (Version 
0.2) and bpf (Version 1.1) from the 
Network Research Group at the 
Lawrence Berkeley National Laboratory 
now support HP-UX. The three pack- 
ages are available via ftp from the fol- 
lowing site: /tp.ce.lbl.gov. The files are in 
the root directory and are called tcp- 
dump.tar.Z, libpcap.tar.Z, and bpf:tarZ. 


tom v 0.01 

This sounds like an interesting pro- 
gram. It is the first release of an object- 
oriented programming language, 
inspired by Objective-C that doesn’t (so 
it is claimed) suffer a C heritage. The 
program comes to us from Pieter 
Schoenmakers <tiggr@es.ele.tue.nl>. 

This first release has been tested on 
HP-UX systems; it also runs on Linux 
(X86) and FreeBSD (X86) systems. 
Information about tom is available at 
hitp://tom.es.ele.tue.nl:8080/, 

A few of the features of tom listed 
below are based on the announcement of 
the program in the Usenet newsgroup: 

Usability. With tom, the semantics of 


the language do not change with the 
availability of sources. Put more strongly, 
the possibilities of the language are not 
restricted in any way if sources are not 
available. 

This in contrast to, for example, 
Eiffel, where the availability of only the 
short form of a class severely hampers 
the possibilities of subclassing. 

As another example, given a C++ 
library, suppose you want to replace a 
class by a different one. In that case, the 
member variables must remain identical 
if referred to from within one of the other 
objects in the library. The same is true 
for virtual methods if invoked from the 
other objects. If any of the member func- 
tions of the class to be replaced is in-lined 
in the other objects, the possibility of suc- 
cessfully completing this venture within 
the original goals is further reduced. 

Dynamic. At runtime, tom provides 
full typing information on objects, their 
instance and class variables, and argu- 
ments to and return value from meth- 
ods. All methods are dynamically bound. 
Methods are provided to read and set 
instance and class variables given their 
name, to retrieve an object’s class, to 
query a class for its position in the inher- 
itance hierarchy, to send an object a mes- 
sage of which the selector need not be 
known at compile time (a bit like func- 
tion pointers in C++, but being dynam- 
ically bound much more flexible—more 
like perform in SmallTalk and Objective- 
C, but without restrictions on the types 
and number of arguments). 

Storage Management. All objects are 
allocated from the garbage collected 
heap. This implies that it is impossible to 
have problems with dangling references, 
previously valid pointers suddenly point- 
ing into the void, memory leaks, etc. 

Return Values. In most languages, 


HP 3000's favorite database 
utility is now on HP-UX. 
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there is an arbitrary limit on the number of values a method or function can return 
without reverting to tricks. This limit is 1, and pointer arguments are needed to return 
more than one value, or the return values need to be packed into an aggregate entity 
which can then be returned as the single return value. In Common Lisp, multiple-val- 
ued returns are possible, but they are special. 

Tom imposes no limit on the number of values that can be returned from a method. 

Exceptions. In most languages (C++, Java, NeXT’s Objective-C libraries, to name 
but a few), an exception handler is executed in its own context instead of the con- 
text of the exception raiser, implying that it is impossible for the handler to direct 
the actions of the condition raiser—the stack has already been unwound and nothing 
can be done about that. 

The tom exception mechanism is modeled after Common Lisp conditions. A 
tom condition can be signaled; if none of the condition handlers is interested in han- 
dling a condition, execution continues in the context of the condition signaler, as 
if the signal were a normal method invocation. A condition handler can direct the 
condition signaler by setting the value to be returned from the signal invocation. It 
can also decide to perform a non-local exit, the equivalent of a C long jump. 


COMP.SYS.SUN.APPS 


Sct TeXt 

I know this package exists since I’ve looked at the Web page associated with it. I have 
not tried the software, however, so I cannot attest to its quality. Nevertheless, SciTeXt 
is a new, free word processor (as opposed to text processor) for UNIX systems. 


hp-ux/usr = november 1996 Ey 


internet goodies 


Some of the more impressive features include the following: WYSIWYG, sup- 
port for PostScript fonts, paragraph and document templates, auto-correction and 
spell checking, footnotes, table of contents, indices, layouts for tables, charts, graph- 
ics, etc., etc. The software comes with a Tcl/Tk help browser as well as a Tcl/Tk 
installation script to make the installation process go easy. 

The package is freely available to anyone for commercial or non-commercial 
use, and can be ftp’ed from the following site: 


http://www.uni-paderborn.de/~Sca TeXt/archives/getSci TeXt. html 


You can also go to the home page where a description of the software is available 
(hitp://www.uni-paderborn.de/~SaTeXt/) . 

Unfortunately, no precompiled version for HP-UX is available. The sources are 
downloadable and based on what I read, building an HP-UX version shouldn’t be 
a problem (it does require X11R6, however). Binaries for IRIX, Linux 2.0, and 
Solaris 2.5 are currently available. 


COMP.LANG.PERL.ANNOUNCE 


PGPPerl 

This is a Perl module that contains a suite of PGP security routines. Although the 
library is quite usable, it is still a long way from being complete, and the interface 
is subject to change. 

This module contains the following functions: PGP conventional encryption, 
PGP public key encryption/decryption, and PGP key generation. 

The module can be downloaded from hitp://www.systemics.com/software/. 


COMP.UNIX.MISC 


Amanda v 2.3.0 

The Advanced Maryland Automatic Network Disk Archiver (amanda) pack- 
age comes courtesy of the University of Maryland at College Park, where it is 
used daily at the Computer Science Department. This package, built on top of 
standard backup software (using GNU tar, gzip, etc.), is a backup system designed 
to archive many computers on a network to a single large-capacity tape drive. 

The software includes tape management and automatic backup checks; the results 
can be e-mailed and installation and configuration are easy. In addition, amanda sup- 
ports Kerberos authentication software and optional automatic data compression. 

Amanda can be acquired by anonymous ftp from /fip.cs.wmd.edu. Go to directo- 
ry /pub/amanda and look for the latest copy. 


WEB Pages 


http://developernetscape.com/library/one 


This site presents two white papers, a technical overview of the Netscape Open 
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Network Environment (ONE) applica- 
tion architecture and a strategy paper 
on the company’s intranet product line. 
It’s interesting reading and presents 
Netscape’s vision of the future of Web 
software. 


http://www.byte.com 

Byte Magazine’s Web site offers a 
really nice benchmarking tool that you 
might want to download and look at. I 
have found it to be very useful. In addi- 
tion, many resources, including articles 
and interviews are made available to 
the Web surfer. 


http://Web.mit.edu/asante/www/ 
siteday.html 

Those of you who have checked out 
my Web site know that my background 
included studying astronomy as a uni- 
versity undergraduate. I have recently 
come back to that subject as an ama- 
teur and am finding it immensely pleas- 
ing to see so many Web sites on the 
Internet dedicated to the field. This 
site presents a different Web site every 
day that is dedicated to the field of 
astronomy. El 


Joseph Berry is a senior software developer at 

Landmark Systems Corporation in Vienna, 
Virginia. He is one of the authors of 
Landmark's PerformanceWorks products, 
PerformanceWorks/Smart Agents for UNIX. 
A former HP 3000 systems specialist for 
Hewlett-Packard, he has been in the computer 
industry for more than 25 years. He can be 
reached at joe@wayne.unix.landmark.co. 
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Last X Release 


oe hp-ux/usr = november 1996 


by Larry Headlund 


THE LAST RELEASE OF X will hit the 
streets at the end of 1996, God willing 
and if the creek don’t rise. The X 
Consortium, descendent of the original 
X development team at MIT, will dis- 
band, and responsibility for X Window 
will be transferred to the Open Group, 
a subsidiary of the Open Software 
Group, the people who brought you 
Motif. A lot of the X development peo- 
ple are going over to the Open Group 
at the same time. I am writing this in 
August of 1996 and developments by 
the time you read this may make me 
look foolish, but that has never stopped 
me before. 


What Is Going On? 

The release of X numbered X11R7 
will be the last release of X. This release 
will include the technology known as 
Broadway, about which there will be 
more information later. From other 
developments it seems that X, Motif, and 
CDE (Common Desktop Environment) 
will all be under one roof. This last has 
rung a lot of people’s chimes. 

The X Consortium is being absorbed 
by the Open Group, not the other way 
around. When the announcement was 
first made, some asked if it meant that 
Motif would now be available under the 
same terms that X had been, full source 
and free redistribution. No way. When 
this fact was absorbed, it was immedi- 
ately followed by a cry that free X was 
being taken away. 

This is a more complicated question. 
In the discussion that followed (on 
comp.windows.x primarily), Bob Scheifler, 
the original author of X and president 
of the X Consortium, pointed out that 
X had used the free distribution and 
source code as a means to wide distribu- 
tion and use of the technology, not as an 


end in itself. Contrast this with the posi- 
tion of the Free Software Foundation, 
where the notion of software being free 
is central, nay overriding. 

For those just tuning in, the Free 
Software Foundation, the GNU (GNU 
not UNIX) project, the GNU General 
Public License, and the GNU General 
Public Library License are creations of 
Richard Stallman and dedicated to the 
proposition that software should be free 
in the sense that the source code should 
be available to any user and that any 
user should be able to make changes 
and redistribute those changes. Note 
that nothing here is said about mone- 
tary issues, although this principle has 
economic consequences. “Free” is used 
in the sense of libras, not in the sense of 
gratis, clearing things up for you classical 
scholars. 

The GNU Project is the creation of 
an entire UNIX-like operating system 
that is free in this sense. The goal was 
first announced, along with the princi- 
ples behind it, in 1984 in Stallman’s 
GNU manifesto. Discussion of the whole 
project’s wisdom, implementation, ram- 
ifications, and consequences hasn’t 
stopped yet. 

The GNU General Public License is 
a tool to ensure the goal is reached. 
Briefly, if you receive software covered 
under the GPL, you have the right also 
to have the source code. You have the 
right to redistribute both without any 
further permission from the author of 
the software. You have the right to mod- 
ify the software and distribute that too; 
however, if you redistribute the software 
(and what is meant by “redistribute” is a 
frequent subject for debate) , your mod- 
ifications are also covered by the GPL. 
You can’t take GPL software, add your 
own code, and redistribute while keep- 


ing your changes proprietary. All the 
software is covered by the GPL. All 
means all. You couldn’t write an inter- 
face to a database for a GPL spreadsheet, 
for example, unless the interface code 
and the database code was available. 

This restriction is in effect even if you 
yourself don’t have access to the offend- 
ing code. You couldn’t write and dis- 
tribute an interface to a third-party 
database unless the third party also 
released its code. I keep saying write and 
distribute since what you do on your 
own computer is unrestricted. Only 
when the result is distributed does the 
license come into effect. This is a rather 
strict interpretation of the GPL. Some 
authors would permit the distribution 
I have just described. The reason for 
this restriction is to block end runs 
around the GPL. If it wasn’t there, you 
could have company A with proprietary 
code, and company A.1 making use of 
GPL code and Company A’s libraries to 
produce software that was unusable with- 
out paying tolls to company A. 

A similar license, the General Public 
Library License, isn’t so stringent. With 
this license, you can link and use GPLL 
code with proprietary code, provided 
you allow access to the original library. 
This relaxation was a consequence of 
the use of the enormously popular gcc 
C compiler. Under a strict interpreta- 
tion of the GPL, any code compiled with 
gcc and linked with the gcc libraries 
would be covered by the GPL. This 
dampened use of the gcc considerably. 
This particular feature of the GPL 
resulted in the (erroneous) belief that 
just using GNU tools resulted in your 
code becoming “infected.” The gcc 
libraries are covered under the General 
Public Library license so this is not true 
for gcc. It is also not true for the other 
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tools such as bash, the gnu shell, or any 
other GNU tools. If you write your code 
using the Emacs editor, the Free 
Software Foundation has no claims on 
you! There is one interesting exception. 
The exception is bison, the GNU ver- 
sion of yacc. Since yacc and the rest of 
the herd function by inserting part of 
themselves into the output, code run 
through bison is covered by the GPL. 
There is a class of exceptions to the 
proprietary library linkage question, even 
for strict GPL programs. These are parts 
of the “standard operating environ- 
ment.” I put that in quotes because what 
qualifies is not based on principle, but 
on what is usually part of (UNIX) oper- 
ating systems. These include compilers 
and libraries, shells, and windowing sys- 
tems. You see why I had the UNIX in 
parentheses: compilers are not a normal 
part of PC operating systems but were 
for UNIX systems when GNU was con- 
ceived. You can link GNU software to 
software which exploits the quirks of PC 
compilers. But it is the windowing sys- 
tem exception that brings us back to X. 
X has become the standard for GNU 
software. GNU partisans are passionate 
about their software and their cause. 
Note that X is not covered by the GPL. 
There is nothing to keep a company 
from taking X code, making modifica- 
tions, and keeping the results propri- 
etary. It is done all the time. HP starts 
with the code from the X consortium, 
makes modifications, hopefully en- 
hancements, and keeps the results for 
its own use (and ours). Just because it 
is based on X code doesn’t mean we, as 
users, have a right to it. Contrast this 
with releasing X under the GPL. The 
source code from HP as well as the X- 
based Motif code would be available 
and freely redistributable by all. The big 
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question is, Would this now proprietary 
code have been written at all under 
those conditions? Those who want to 
participate in the never-ending debate 
on these questions should check out 
gnu.misc.discuss. Bring your asbestos suit. 

This relationship between X and 
GNU, and the fact that X has been free 
in both senses of the word since its birth 
fueled some of the anxiety about X being 
changed and particularly about the rela- 
tionship with the OSE. Motif has not been 
universally popular with free software par- 
tisans. Primarily, the reason is that its 
source code is not free. There has been 
a tendency for GNU partisans to prefer 
Athena widgets. By no means all GNU 
developers—there are many excellent 
Motif-based GNU programs, but they 
have been avoided by the purists. This is 
mixed with a general anti-OSF feeling. 
The roots of this are more complicated. 

Remember that the OSF produced 
Motif through a union of Sun Micro- 
systems’ competitors, HP prominent 
among them; Motif was counterpoint 
to Sun’s Open Look. Sun was very pop- 
ular with many GNU partisans, not least 
because they had the same roots, 
Berkeley Software Distribution (BSD). 
Sun’s OS was BSD-based while HP was 
System V with BSD enhancements, 
IBM’s AIX and DEC’s UNIX were 
System V, etc. Ironically, the OSF was 
formed in response to agreements 
between Sun and AT&T that resulted 
in Sun moving to Solaris, which was 
System V.4 based. The BSD crowd had 
a natural sympathy for Sun in these 
lamented interface wars. Sun solidified 
its position by releasing its Remote 
Procedure Call (rpc) tools in the public 
domain. Free software partisans tend to 
regard the Open Software Foundation 
with suspicion. 


What has all this to do with the price 
of bread? As Bob Scheifler pointed out, 
X11R5 is still available under its original 
distribution terms—do anything you 
want, just acknowledge the contribu- 
tion—and X11R7 will be distributed 
under the same terms. If the free soft- 
ware community wants to pick up the 
ball, they are free to do so. It is the X con- 
sortium’s position that the underlying X 
technology is now mature enough that 
it doesn’t need an organization dedicat- 
ed to extending the technology. Just as 
X11R6 moved the Athena widget set out 
of the core distribution and into the con- 
trib section, in effect all of X has been 
moved to the contrib section. 

One advantage of X, Motif, and CDE 
being under one roof is hopefully more 
coordination. Since CDE was intro- 
duced, we have had an X release 
(X11R6), a Motif release (Motif 2.0 
based on X11R5), and the public release 
of CDE (based on X11R5 and Motif 
1.2). Is there something wrong with this 
picture? What am I supposed to use? 
With one organization responsible for 
all three products, we should get the 
inconsistencies taken care of. 

But maybe I am an optimist. tl 


Larry Headlund is president of Mathematical 
Engineering, Inc. and has been involved with 
commercial UNIX since 1982 and with X since 
1988. He can be reached at lmh@world.std.com 
or (617) 242-7741. 
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GSL Perspective 


AFTER WRITING MY LAST column 
regarding job skills, I realized that there 
is a huge number of possible topics, 
many of which cannot be covered in a 
single column or short discussion. I do 
want to continue that discussion, but 
first I have some very exciting informa- 
tion to pass on to our members. 

At the HP WORLD conference in 
August, Interex and the InterWorks 
Technical Users Forum formally 
announced the FAST (Freely Available 
Software Technology) project. FAST 
consists of a group of dedicated Interex 
members who will be porting the top 
100+ freely available software packages 
to HP-UX 10.0. The packages will be 
organized into bundles to make it very 
easy to find and load the software that 
you need. 

With the release of 10.0 by HP in 
1995, we have had many inquiries from 
members about particular packages and 
the availability on the new HP-UX oper- 
ating system. Although the Interex CSL 
cannot guarantee any particular pack- 
age will run on any particular operating 
system version, our experience indicates 
that most will. Although we believe that 
our packages would run under 10.0, we 
believe that this is a great opportunity 
to improve our depth and breadth of 
programs and to make great improve- 
ments in the configuration, packaging, 
and bundling of the library. We also 
want to take advantage of some of the 
enhancements in the operating system 
such as the System V.4 file layout stan- 
dards and the new Software Distributor. 

Many of you have been regular users 
of the HP Public Domain Archive at 
Liverpool. This organization has done 
some really fantastic work in making a 
wide variety of packages available to the 
HP-UX user community. If you look at 


their catalogue, you will find over 1,100 
packages, all of them built and tested 
under HP-UX 9.x. Imagine what kind of 
effort it might take to move that volume 
of software onto 10.0. It clearly will 
require a broad-based effort, with a much 
larger team of people working together. 
This team of porters, working from a pub- 
lished distribution standard (you can view 
it at hitp://www.cs. berkeley.edu/~staelin/soft- 
ware.html) will start from a list of the 100+ 
most popular packages in such categories 
as image-handling, mail/news, net- 
working tools, software development, sys- 
tem administration, word processing, and 
World Wide Web. These packages will 
then be available to the HP-UX users 
through various sites. 

For more information on the FAST 
effort, consult the project Web page at 
hitp://www.interworks.org/library /FAST: html. 

The FAST project effort plays into 
the job skills topic I would like to dis- 
cuss—Teamwork. In July, I participated 
as an adult advisor on a backpacking 
trip to Philmont Scout Ranch in New 
Mexico. You notice, I was an advisor, not 
a leader. Each crew of scouts consists of 
8 to 10 boys with up to four adult 
advisors. This group of people forms a 
team with a single scout selected as the 
crew leader. This leader must be capable 
of making decisions, achieving consen- 
sus, and resolving differences. Some say 
that’s a pretty tall order for a 16-year- 
old, and you would be right. 

Fortunately, it is the crew, operating 
as a team, that really empowers that 
leader and also empowers the team to 
be more than the just the sum of its 
parts. As our trek started to wind down 
and individuals began to falter, we could 
fall back on each other to get through 
those tough days. We could rely on the 
strength of the team to pull us through. 


More and more these days, our day- 
to-day work activities require us to 
contribute to as well as lead teams. We 
may use other terms like “group,” “com- 
mittee,” “task force,” or “working group” 
to describe collections of individuals 
brought together to accomplish some 
goal, but none of these terms seems to 
capture all the nuances of “team.” A 
team is more than just a collection of 
individuals; it also has as part of its make- 
up the collection of skills, insights, and 
experiences of those individuals. It is 
that blending of capabilities which 
brings the team its potential for success. 

As teamwork becomes more impor- 
tant to our success as system profes- 
sionals, it is also becoming a skill to look 
for in people joining our organizations. 
Unfortunately, teamwork skills are not 
on the top 10 list of college taught skills. 
Teamwork is one of those soft skills best 
developed through trial-and-error expe- 
rience. Some of the qualities of a good 
team member include: 


1. Good listening 

2. Clear, concise communication 

3. Ability to make and keep commit- 
ments 

4. Ability to defend personal prefe- 
rences and ideas 

5. Willingness to compromise your 
preferences for the good of the 
group 

6. Willingness to assist others when 
required 

7. Being prepared to follow the team 
leader, or assume leadership when 
needed 


Among the strategies that can be 
used to assess these qualities, I have 
found role playing to be very effective. 
In role playing you propose a situation 
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to the individual and then ask how he 
would deal with it. Use some team expe- 
riences of your own to build up these 
scenarios, putting the person in anoth- 
er’s shoes. Also assess leadership skills 
by outlining a conflict between team 
members in the scenario. Glean from 
the individuals some of their ideas and 
preferences and then challenge them 
with a scenario in which they would 
need to compromise. By assessing the 
person’s experiences on teams, and then 
asking them specific questions about 
their role, you can quickly determine 
possible areas for improvement or areas 
of particular strength. Don’t be afraid 
to share your assessment with the per- 
son later on. 

Teamwork is a powerful concept. It 
can be a springboard to success or a for- 
mula for disaster. When you are in the 
back country for 10 days, you have little 


opportunity for assessment; you need 
to make it work. Don’t get caught with 
a team that can’t pull together; do your 
homework and you'll be amazed at what 
will happen. 0 


Paul Gerwitz is chairman of the CSL com- 
muattee and 1s a technology specialist at Eastman 
Kodak Company in Rochester NY. He can be 
reached at (716) 477-3067 or e-mail at 
gerwitz@interex. org or gerwitz@kodak. com. 
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HP 1000 Guru 


QQz | just discovered the existence of the PASSWORD command in GRUMP. 
Actually, one of my users discovered this for me, and in the process noticed he was 
allowed to change the password for any user on the system. Of course, he still needed 
to know the user’s password to be able to change it, but still, this behavior doesn’t seem 
right to me. Only superusers should be able even to attempt a PASSWORD command 
on other users. The PASSWORD command for normal users should be restricted to 
allow them only to change their own password, not the password of other users. 


AA: Yes, this is true. GRUMP gives normal users the capability to change the pass- 
word for any user on the system. 

The workaround for this is easy if you are using SECURITY/ 1000. It turns out that 
if SECURITY is being used, then a user must have a capability of 25 (still not 
super (31)) to use the PASSWORD command on other users. If a capability 20 user 
attempts the password command, the following error is reported: 


GRUMP> PA WALT 
Capability level not high enough to perform PASSWORD command. 


So as long as users have a capability of less than 25, they will not be able to use 
the PASSWORD command. Otherwise, see the next question. 


QQ: Can I change the capability level required to use the PASSWORD command 
in GRUMP, and how is this done? 


AX: Buried in the System Manager manual lies the complex answer to this ques- 
tion. Modifying capability levels requires the following: 


1. EDIT the file: /veplus/security. tbl 
This file contains all the default capability levels for system calls and commands. 
For the GRUMP commands, look around line 432 for the following: 


passwd 0 25 0 0 *change user password (1) 


Change the value 25 to 31. This is the required capability. 
2. Run STGEN on this modified file as follows: 


CI> STEGN SECURITY.TBL - - - 


This will create the files: 
SECURITY.LST SECURITY.MAC SECURITY.REL 


LISTING 1 Prog! 


” $CDS ONS 
SHEAP 25 
PROGRAM progl (input, output) ; 
label 99; 


3. Regenerate your system, using this new SECURITY.REL const 


. a alloc_flags = 0; 
in the System Messages section of your answer file. dealloc_flags = octal(‘40000’); { unlock } 
4. Reboot using this new system file. 
‘ais ve int = -32768..32767; 
, This process can be used to modify any existing capabilities eae 
in SECURITY/ 1000. rec_t = record 


Veal + int: 

str : packed array[1..10] of char; 
end; 
ptr_rec oreo =; 
flag_rec = record 

wordl : int; 


QQ: Is it possible it create an RTE readable tape using dd on word2 : int; 
end; 
an HP 9000? 
pl + ptr rec; 
p2 : ptr rec; 
= : Grr { inc; 
AA: Yes. Let’s assume you have an FST archive file on an HP flags : flag_rec; 
9000 system and need to move this to an HP 1000 that has Gupcties eal lice iege | fag eee: ver ae) 
no network access. (2 ee 


function xema2_alloc(flags : flag_rec; var err : int) 
You can use dd on the 9000 to create a tape that will be : ptr_rec; external; 


function RteReturnShema(addr : ptr_rec; flags : int) : int; external; 
readable by FST on the 1000. Use dd as follows: 
procedure exec_7 Salias ‘EXEC’S (x:int); external; 


Lf= = i = begin 
$ dd if=filename of=/dev/rmt/tapedrive obs=10240 fo 
flags.word2 := 0; 
pl := xemal_alloc(flags, err); 
where: if pl = nil then 
% ‘ begin 
filename is the FST archive file on the HP 9000 eben bees i ee ce ee, 
tapednve is the device file for the tape drive > 
end; 
(Note: the DDS tape drives must be similar on both p2 := xema2_alloc(flags, err); 
Fi rs . LE p2 = nil Chen 
machines. If the 9000 tape drive uses compression, the 1000 bee 
: : writeln(‘prog2: init #2 failed, err=’,err); 
tape drive must be capable of reading compressed tapes.) oo 
In this example, obs=10240 sets the output file block size — 
to 10,240 bytes. This only affects the performance, especially pl*.val := 11111; 
. ‘ * pl*.str := ‘aaaaaaaaaa’; 
for dds tape drives. It is not required. ee ae, 
Once dd has written the tape, it can be read using FST on DOD 


the HP 1000 just like any normal FST backup tape. p2*.val := 22222; 


p2°.str := ‘bbbbbbbbbb’: 

writeln('‘val #2 =’, p2*.val); 

writeln(‘str #2 =’, p2*.str); 

writeln(‘wait for prog #2 to finish, then type GO’); 


exec_7(7); 
Qa Is there a ‘tail’ utility for the 1000? 
Writeln('val #1 =", pl%.val)> 
Writeln(‘str $1 =', pl®. str); 
writeln(‘val #2 =’, p2*.val); 
writeln(‘str #2 =’, p2*,str); 


AX: Newin the CSL this year is a tail program that emulates 


the HP-UX version. Or you can use the following simple script: 
flags.wordl := dealloc_flags; 


err := RteReturnShema(p1, flags.word1); 
if err <> 0 then 


? writeln(‘progl: dealloc #1 failed, err=',err); 


* The following script runs LI on the specified file name eee eee, feces eed 
* in $1, and displays the last ‘window’ (20 lines). if err <> 0 then 


writeln(‘progl: dealloc #2 failed, err=',err); 
* 


li =o /Sl? $1 


* 
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LISTING 2 Prog2 


SCDS ONS 
SHEAP 25 
PROGRAM prog2 (input, output) ; 


label 99; 
const 
alloc_flags = 0; LISTING 3 RAN : 
dealloc_ flags = octal(‘40000’‘); { unlock } FORT: Subroutine 
type 
ant = -32768. 32/67; 
btype = packed array [1..16] of char; ftn7x 
rec = record $cds on 
val : int: 
str : packed array [1..10] of char: integer*4 function eaddr (a) 
end; : 
. integer*4 a 
ptr_rec = “rec: 
flag_rec = record eaddr=a 
wordl : int; return 
word2 : int: end 
end; 
var 
perl +: ptr rec: Sema /xemal/ 
ptr2 : ptr_rec; ¢ xemal_alloc will allocate an extended shema of 1 page 
flags : flag_rec; integer*4 function xemal_alloc(flags, err) 
err : int: implicit none 


function xemal_alloc(flags : flag_rec; var err : int) 
: ptr_rec; external; : 
function xema2_alloc(flags : flag_rec; var err : int) integer*2 err 
{ pir rec; external; 
function RteReturnShema(addr : ptr_rec; flags : int) : int; external; integer*2 e1(1024,1) ! Space for sec shema #1, 1024words*1 page 


common /xemal/ el 


integer*4 flags 


procedure exec_7 Salias ‘EXEC’S (x:int); external; 


begin inteéger™2 size 
integer*2 RteAllocShema 
writeln(‘wait for prog #1 to suspend, then type GO’); integer*4 eaddr 
exec_7(7); 
Sage word! -= alloc flags, size = 1 ! We will be sharing 1 page 
flags.word2 := 0; err=RteAllocShema(‘xemalname’, size, el, flags) 
err = 0; if(err.ne.0) then 
ptrl := xemal_alloc(flags, err); xemal_alloc=0 
af ptrl = nil then blac 
begin 
wriiteln(‘prog2: alloc #1 failed, err=', err); xemal_alloc=eaddr (el) 
goto 99; endif 
end; end 
ptr2 := xema2_alloc(flags, err); 


Sema /xema2/ 


if ptr2 = nil then 
¢ xema2_alloc allocates another shema 


begin 

writeln(‘prog2: alloc #2 failed, err=', err); integer*4 function xema2_alloc(flags, err) 

goto 99; implicit none 
end; 

* 

writeln(‘prog2: val #1 = ', ptxl°.val); _ oF 
writeln(‘prog?: str #1 = °. ptrl*.str)- integer*2 err 
writeln( prog]: val #2 = ‘, ptr2°.val); 
weiteln( prog2; gtr #2 =, ptr2” ctr], integer*2 e2(1024,1) ! Space for sec shema #2, 1024words*1 page 


ca : 99 common /xema2/ e2 
ptrl .val := ; 


Perl .6tr (= ceccececca |; : / 
ptr2*.val := 88: integer*2 size 
ptr2° str -= dddddddddd’ ; integer*2 RteAllocShema 
integer*4 eaddr 
writeln(‘prog2: val #1 = ', ptri*.val); 
writeln(’prog2: str #1 = |, piri” str): ce 
writeln(‘prog2: val #2 = ‘, ptr2%.val); a 
writeln(‘prog2: str #2 = ‘, ptr2*.str); err=RteAllocShema('xema2name’, size, e2, flags) 


if(err.ne.0) then 
flags.wordl := dealloc_flags; xema2_alloc=0 
err := RteReturnShema(ptr1, flags.wordl); 


af err <> 0 then else 

writeln(‘prog2: dealloc #1 failed, err=', err); xema2_alloc=eaddr (e2) 
err := RteReturnShema(ptr2, flags.wordl); endif 
if err <> 0 then end 

writeln(‘prog2: dealloc #2 failed, err=’, err); 


writeln(‘prog2 done!!’); 
09: 


end. 
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We have a legacy HP 1000 application written in Pascal. LISTING 4 
We would like to utilize the new for 6.0 Multiple Shared 
EMA capability, but are having a hard time getting it to work 
from Pascal. Are there any examples of this specifically for Se coeeriane Bie for FROG! 
Pascal? sz, 32 


Link Command Files 


em,,1 
es,xemal,2 
es,xemaz2,3 


X= Yes. The HP 1000 lab has come through with sample 1 eee ca Le 


programs for Pascal that use the new Shema model. The re,ppasi.rel 


PASCAL programs require a FORTRAN subroutine. re,pftn.rel 
There are two Pascal programs that communicate ro 
through two shemas. Each contains FORTRAN routines 


that declare the common blocks and call RteAllocShema. LINK command file for PROG? 


Prog] initializes the data, then calls exec(7) to wait for 
SZ, 32 


the second program to reset it. Prog2 calls exec(7) to : 
em, , 


wait for the first program to set the data. These are in os sem 2 
Listings 1-4. i es,xema2 , 3 


li,pascal_cds.lib 
re, ppas2.rel 
re,pftn.rel 


a en, prog2 
Walt Boeninger works in the HP Response Center in Mountain View, 


California. He has been supporting the HP 1000 for 15 years. Ais 
e-mail address is: walt@hpwrexe.mayfield. hp.com. 
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Answers 
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by Anita Harris 


QQ! 1 am writing an application for HP-RT 2.11 and 2.20 that uses POSIX func- 
tions in C++. I find that when I compile and link my program using: 


SHPRTroot/hpux/bin/CCrt prog.C -oprog -lp 


I get undefined symbols that should have been defined in the POSIX library 
libp.a. libp.a should have been searched by specifying -1p in the compile string. 
What is wrong? 


4X: The problem you are running into can be resolved by using the following 
compile/link string: 


SHPRTroot/hpux/bin/CCrt prog.C -oprog -1C -lp 


This will ensure that the HP-RT version of the C++ library, libC.a, is searched 
before the HP-RT version of the POSIX library, libp.a. Without specifying -1c, 
CCrt(1) will direct ld(1), by default, to search libC.a after any libraries specified in 
the runstring. This causes a problem when the POSIX library is needed because 
there are references to POSIX functions in the “bC.a routines. By searching LbC.a 
before libp.a, these symbols are resolved. 


QQ: Lam using the cert(1) and CCrt(1) scripts to compile and link my HP-RT appli- 
cations. I know that this will set up searches of the HP-RT versions of the libraries 
and that HP-UX libraries are also searched. I’m confused about the search order, 
though. Will you please clarify this for me? 


4#&= The CCrt(1) and ccrt(1) scripts simply set up environment variables that are used 
by CC(1) and cc(1) to search the correct libraries from both HP-RT and HP-UX for 
compiling and linking HP-RT applications. The library search order that is defined 
within CC(I) and cc(1) has not changed. The linking rules also remain the same. 
Use the same options for CCrt(1) and ccrt(1) as you would for CC(1) and cc(1). Let’s 
look at the CCri(1) script for a 2.11 HP-RT Operating system. 


# cat SHPRTroot/hpux/bin/CCrt 
#! /bin/sh 


# Copyright Hewlett-Packard Co. 1991 
# @(#)HPS1106 B.01.00 HP Embedded Systems Toolkit 09/09/91 


CCINC=/usr/include/CC 
INC=SHPRTroot/usr/include 


ULIB=/usr/lib 
LIB=SHPRTroot/lib 


HP_CC_REVISION=*/usr/bin/what -s /bin/cc |sed ‘-e s/*[*.]*[.]\ 
((0=9] (0-97 \) [.]\( [0-9] [0-9] \) .*/\T\2/" =e ‘s/0\ 


(10-9) (0-9) 10=9]\) /\1/" =e */\/eesa"” 


FIXED="+A +DA1.1 -DHP_CC_REVISION=SHP_CC_REVISION” 


: ${ST_CXXSTDINCL: =$CCINC: SINC} 


: ${ST_CC:=/bin/cc} 
: ${ST_CPP_COMPAT: =$ULIB/cpp} 


: S{ST_CPP_ANSI:=SULIB/Cpp.ansi} 


: ${ST_CCOM:=/lib/ccom} 

: S{ST_ASSEM:=/bin/as} 

: ${ST_LD:=/bin/1d} 

: ${ST_PRE:=/lib/pcc_prefix.s} 
: ${ST_LIBC:=SLIB/libc.a} 


: ${ST_LIBCL:=$ULIB/pal.1/libcl.a} 


: S${ST_CRT:=SLIB/crt0.o} 

: ${ST_DLD:=$LIB/libdld.a} 

: ${ST_LIBM:=SLIB/libm.a} 

: ${ST_CRTX:=/lib/crtx.o} 

: ${ST_LIBH:=$LIB/1lib} 

: ${ST_LINKCAT:=SLIB/1d.cat} 
: ${ST_CCAT:=$LIB/cc.cat} 


: ${ST_ACAT:=/lib/as_msgs.cat} 


: ${ST_XDBEND:=SLIB/end.o} 
: ${ST_MILLI:=/lib/milli.a} 
: ${LD_PXDB:=/usr/bin/pxdb} 
: ${LPATH:=SULIB} 

: ${CCLIBDIR:=S$LIB} 

: ${TMPDIR:=/tmp} 


if [ S# -eq 0 ] 
then exec /usr/bin/CC SFIXED 


else exec /usr/bin/CC $FIXED “S@” 


fi 


; export ST_CXXSTDINCL 
; export ST_CC 

; export ST_CPP_COMPAT 
; export ST_CPP_ANSI 
; export ST_CCOM 

; export ST_ASSEM 

; export ST_LD 

; export ST_PRE 

; export ST_LIBC 

; export ST_LIBCL 

; export ST_CRT 

; export ST_DLD 

; export ST_LIBM 

; export ST_CRTX 

; export ST_LIBH 

; export ST_LINKCAT 
; export ST_CCAT 

; export ST_ACAT 

; export ST_XDBEND 

; export ST_MILLI 

; export LD_PXDB 

; export LPATH 

; export CCLIBDIR 

; export TMPDIR 


HP-RT C++ applications using CCrt(1) to compile/link will use the 


following search rules: 


1. Any libraries specified in the CCrt(1) runstring with 


-L<directory_path> -1l<x> 


will be searched first. 
2. Next, libraries specified in the CCrt(1) runstring 
with 


-l<x> 


will search the path specified in the CCrt(1) script 
defined in the CCLIBDIR environment variable. 
($HPRTroot/lib) 

3. The CCrt(1) script specifies the environment 
variable LPATH (/usr/lib). This sets up the default 
directory path for library searches if symbols are 
not resolved by a search of the HP-RT library 
directory defined by CCLIBDIR. 

4. You will notice that the CCrt(1) script also defines 
several other environment variables that CC(1) will 
use for defining libraries for the link editor, ld(1), 
to search. For example: 


ULIB=/usr/lib 
LIB=SHPRTroot/lib 


: S${ST_LIBC:=SLIB/libc.a} ;export ST_LIBC 
: ${ST_LIBCL:=S$ULIB/pal.1/libcl.a} ;export ST_LIBCL 


The variables ST_LIBCand ST_LIBCL define the loca- 
tion that CC(J) directs ld(1) to use when it is searching 
libc.a and libcl.a. So, when the libcl.a library is searched, 
/usr/lib/pal. 1/libcl.a from HP-UX will be used. When libc.a 
is to be searched, it will use the BHPR Tivot/lib/libc.aversion. 

The search path is very similar when using ccrt to com- 
pile/link applications. 


1. Any libraries specified in the ccrt runstring with 
-L<directory_path> -l<x> 


will be searched first. 
2. Next, libraries specified in the ccrt runstring with 


-l<x> 
will search the $HPRTroot/lib directory. This is 


because the script sets the LPATH environment 
variable, making this the default directory for 
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-l1<x> library searches. 

The cc(1) compiler will similarly use environment variables to determine 
where to search for other default libraries. It will use a predetermined order 
defined by cc(1). 


You can use the -v option in the compile runstring to display the actual order that 


CC(1) and cc(1) instruct ld(1) to use. 


QQz I have a PCMCIA flashdisk that I would like to boot a Ramdisk-based system 
from. I want to use this for running diagnostics and I do not want networking set 
up. I would like it to be strictly memory-based. Is this possible? 


AA: ¥es, this is possible. 


iL. 


Make a customized copy of the $HPRTroot/etc/conf/ramdisk.def file to include 
only the programs you want in your Ramdisk-based system. Use the 
guidelines in the ramdisk.def file itself to determine the minimum file set and 
add programs as desired. 

Modify the $HPRTroot/etc/ramdisk/rc file so that it does not try to execute 
Mount_Target or any other programs that no longer exist. This will eliminate 
network setup. 

Build your new ramdisk kernel. 


# make -f SHPRTroot/etc/conf/hp-rt.make CPU=s743 PCMCIA= RAM= \ 
RAMDEF=SHPRTroot/etc/conf/<custom_ramdisk_filename> \ 
KERNEL_FILE=<your_kernel_ file name> 


Configure and boot a disk-based PCMCIA kernel. See the HP Z5117A 
PCMCIA Adapter Installation and Users Guide, Chapter 4, for information on 
how this is done. 

FIP your Ramdisk kernel to the PCMCIA disk-based file system. Remember 
to change the file permissions after you have transferred the file to the disk. 
Boot your new Ramdisk-based kernel: 

a. Halt your 743rt system: 


# /etc/reboot -h 
b. Reset the 743rt. 
c. Select the PCMCIA flashdisk as your boot device. 
d. From the ISL prompt: 


ISL> rtboot -a -rramdisk /your_kernel_file name 
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You should now be running your 
Ramdisk-based system. 


QQ: | want to install HP-RT Revision 
2.2 into directory /HP-RT on my HP- 
UX 10.10 host. It will only let me install 
to /opt/HP-RT. Am I no longer able to 
install to /HP-RT? 


AA? Itis no longer possible to install 
directly into the HP-UX root directory 
when using /usr/sbin/swinstall. What you 
need to do is create a symbolic link 
pointing to /HP-RT from /opt/HP-RT: 


# ln -s /opt/HP-RT /HP-RT 


Then you can run swinstall(1M) and 
install the HP-RT bundle. It will install 
to /opt/HP-RT but you can access it 
using /HP-RT the same as you did with 
previous revisions. 


QQ I want to install HP-RT software 
into multiple trees on the same system. 
I don’t see how to change the target 
location using swinstall. Can this still 
be done? 


AA? ¥es, you can still install HP-RT soft- 
ware into multiple locations using 
/usr/sbin/swinstall. Assume, for exam- 
ple, that you have already installed soft- 
ware onto the /opt/HP-RT tree and you 
now want to install it onto /HP-RT_2. 2. 


1. Log on as root. P 

2. Run /usr/sbin/swinstall. 

3. From the ‘Options’ menu, select 
‘Change Options...’ 


4. Mark the ‘Allow creation of 


multiple versions’ selection. 
5. Open the software bundle you wish to install: 


B5487AA > A.02.20 HP-RT Developer’s Kit 
6. Select the product to install: 
HPREOS-PRD -> A.02.20 HP-RT Core Product 


7. From the ‘Actions’ menu, ‘Mark for install’ 
8. Select the product again: 
HPREOSPRD -> A.02.20 HP-RT Core Product 
9. From the ‘Actions’ menu, ‘Change Product Location’ 
10. Mark the ‘Other Location’ selection 
11. Enter the parent directory path where you wish to install the 
HP-RT root tree: 
Path: /HP-RT_2.2 


12. Select ‘OK’ 


The software will be installed into the directory /HP-RT_2.2 for 
our example, but you will see by investigating the /var/adm/sw/ 
swagent.log file that it has not been configured. You will need to run 
sweonfig separately for each product you are installing into /HP- 
RI 22. 

Do this as follows: 


# swconfig -x allow_multiple_vertions=true <product_name>, \ 
l=<parent_directory_path>, \ 


r=<revision> 
For our example, do: 


# swconfig -x allow_multiple_versions=true HPRT-OS-PRD, \ 
]=/HP-RT_2.2,r=A.02.20 


You can see by checking the /var/adm/sw/swagent.log that your 
software has now been installed and configured into the /HP- 
RT_2.2/HP-RT directory. Check /var/adm/sw/sweonfig.log for infor- 
mation on what sweonfig has done. 

Using this method allows you to track software installation by look- 
ing at the /var/adm/sw/swagent.log file. swinstallwill make entries in this 
file to show what has been installed on your system, where, and when. 


QQz 1 want to create a recovery system that will work with a graphics 
console. When I try to boot the one I created following the directions 


in the HP-RT System Administration Tasks manual, Chapter 
4,”Making a Recovery System,” it starts to boot on the 
graphics console but then the output disappears. I assume 
that it reverts to the RS232-port A. What do I need to do? 


AA: You need to modify $HPRTroot/etc/conf/ 
recovery/make_recover to add GRAPH3= to the hp-rt.make 
make options in the file as follows: 


MAKE _OPTIONS="RAM= NONFS= NONFSS= NOPTY= NOLANO= 
NOTCPIP= GRAPH3=” 


This will make the recovery system include the X11 
SERVERrt device drivers in the kernel file so that the re- 
covery kernel can communicate with the graphics console. 

Also, if you are going to use a graphics console to build 
an install kernel and a disk-based system, you will need 
to make similar modifications to the SHPRTroot/ 
hpux/adm/BuildKernels file. 

In the “Building install kernel...” section, add the 
GRAPH3= option to the make command: 


b 


/bin/make -f£ SCONF/SFILE.make RAM= KERNEL_FILE= 
SINST_KRNL \ 
CPU=SCPUtype RAMDEF=SINST_DEF GRAPH3= SKERNpcmcia 


In the “Build the disk-based kernel...” section, add the 
GRAPH3= option to the make command: 


/bin/make -f SCONF/S$FILE.make CPU=SCPUtype RDB= 

SKERNpcmcia \ 
SKERNbpn SKERNstrms $KERNx1l1srv SKERNsnmp GRAPH3= \ 
KERNEL _FILE=SDISK_KRNL 


Then you will be able to install a disk-based system 
using your graphics console. i) 


HP-RT Operating System questions are answered by Anita Harris, 
a support engineer in the HP-RT Worldwide Technology Expert 
Center. She has worked with Real Time systems for 12 years as a 
customer, a Real Time Response Center Engineer, and HP-RT 
WIEC Engineer. She can be reached at harrisa@mayfield. hp.com. 
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New Products 


Multiplatform Programmer’s Editor 

Vital Inc. has released CRiSP Version 
5, a cross-platform programming text 
editor for X Windows, Windows, and 
character -based environments. The user 
interface provides easier navigation for 
both programmers and casual users. 
Complete documentation is now avail- 
able online in hypertext format on all 
UNIX and Windows platforms. 

CRiSP v5 integration with multiple 
source code control systems provides 
integrated check in/check out facility 
from within, resulting in a highly inte- 
grated development environment. Users 
can now Create and paste language- 
specific templates visually from within 
the editor. It is now easier to add col- 
orizer definitions for specialized lan- 
guages, as well. Dynamic colorization 
and printing is supported for over 50 
languages, including Java and HTML. 

Users can now perform search- 
ing/replacing and other advanced arith- 
metic operations within columnar 
ranges. CRiSP v5 is completely encap- 
sulated with HP Softbench and other 
development environments. Keyboard 
emulation is provided for Wordstar, 
BRIEF, vi, and CUA. 

CRiSP v5 is available on HP-UX and 
other platforms. It is priced starting at 
$149.99 on Linux, $249.99 on Windows, 
and $349.99 on UNIX. 

Contact Vital Inc., phone: (214) 491- 
6907, fax: (214) 491-6909, e-mail: 
info@vital.com, URL: http://www. 
vital.com. 


X Window Reference 

Digital Press has announced X 
Window Systems: Core Library & Standards, 
by Robert W. Scheifler and James Gettys. 
The first volume of the updated refer- 
ence includes new information on X 


Version 11, Release 6.1. 

Authored by the experts who origi- 
nally designed and implemented the X 
Window system and with new, significant 
input from X Window Consortium mem- 
bers who have helped evolve X Version 
11, Release 6, this fourth edition is a 
major revision of this definitive reference. 
Updated to conform with the latest 
released software (X Version 11, Release 
6.1), this edition also has been reorga- 
nized into three separate books to make 
each more usable for its targeted audi- 
ence. Each volume provides its own com- 
prehensive subject-oriented index that 
further enhances its overall value. 

X Window Systems: Core Library & 
Standards, a 400-page paperback (ISBN: 
1-55558-154-4), is $49.95. 

Contact Digital Press, fax: (617) 928- 
2620. 


COBOL Application Migration 

Unidata, Inc. has announced Version 
2.1 of COBOL Direct Connect, designed 
to extend the life and utility of existing 
legacy COBOL applications. 

COBOL Direct Connect brings 
Unidata’s “nested” relational database 
management system to existing COBOL 
applications. It can migrate COBOL 
applications and associated indexed file 
structures to open systems without sig- 
nificant data file restructuring, code 
reengineering, or performance penalty. 

The product currently supports 
COBOL code running RM/COBOL, 
Micro Focus COBOL, and Acucobol. It 
is available on HP-UX and other UNIX 
systems. 

Unidata estimates that companies 
choosing an incremental migration 
path revolving around COBOL Direct 
Connect can achieve performance 
improvements of 4 to 10 times over 


Now IEM offers Alexandria Network Backup Librarian with high-speed DLT libraries, so you can relax 
while your network backs up FAST! With DLT4000 drives, the single drive transfer rate is up to 3 MB/sec. 
with 2:1 compression; with 9 drives, the library throughput is up to 97.2 GB/hour! DLT4000 cartridge 
capacity is 40 GBytes with 2 :1 compression. 
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Alex supervises every facet of your heterogeneous 
UNIX network backup: 


Alex backs up to DLT libraries 
with 2 to 9 DLT4000 drives 
and 28 to 264 cartridges. 


¢ Organizes and 
automates your 


These libraries are so reliable system backups 


that they include a full one-year 
on-site warranty with 
next business day response. 


¢ Manages all of 
your backup 
media 


Alex also backs up to IEM's 


e Performs cold 


4mm and 8mm carousels and database backups 
autofeeders, as well as of Oracle, Sybase 
3480 tape libraries and and Informix 
HP's optical libraries. databases 


e Performs hot 
backups of Oracle 
databases with 
an additional 


module 
IEM: Providing Solutions for a Lights-out Environment 

In the U.S. and Canada: In the United Kingdom: All others: 
IEM, Inc., P.O. Box 1889 IEM, Inc., Unit 6, Salisbury House, IEM International Sales 
Fort Collins, CO 80522 USA Wheatfield Way, Hinckley Fields, 1629 Blue Spruce Drive 
Phone: (970) 221-3005 Hinckley, Leicester LE10 1YG Fort Collins, CO 80524 USA 

(800) 321-4671 Phone: +44 (0)1455 239000 Phone:  +[{1] 970-221-3005 
Fax: (970) 221-1909 Fax: +44 (0)1455 239668 Fax: +[1] 970-221-1909 

© 1996 Anis Inc. AD1.0496 email: info@iem.com http://www.iem.com 
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what could be achieved by applications 
rewritten with embedded SQL. Once 
stored in UniData RDBMS, legacy 
COBOL applications can benefit from 
a rich application development envi- 


ronment and database interoperability 
products. 

Contact Unidata, phone: (303) 294- 
0800, fax: (303) 293-8880, e-mail: 
unidata@unidata.com. 


Data Access 

Robelle Consulting Ltd. has 
announced Version 3.8 of the Suprtool 
data access utility for HP-UX. Suprtool/ 
UX can now access Oracle views, in addi- 
tion to reading and writing data files with 
fixed-length records. Suprtool/UX now 
allows users to select and sort data from 
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Oracle and to link mul- 
tiple tables into a single 
file for subsequent 
reporting or process- 
ing. A new Suprtool 
module, STExport, lets 
users prepare data for 
export from HP-UX to 
virtually any other appli- 
cation or operating 
platform, without re- 
quiring users to write 
custom programs. 

With Suprtool/UX, 
Oracle users benefit 
from the familiar SQL syntax for Oracle 
selections, while users migrating from 
MPE can use the same commands in 
HP-UX as in Suprtool/MPE. Users can 
choose between SQL or Suprtool sort 
commands, using the one that gives the 
best performance. 

With STExport, users can now pre- 
pare data in formats that can be 
imported into spreadsheets, MS Access, 
and Oracle on such platforms as PCs 
and UNIX. 

Suprtool/UX 3.8 is being shipped to 
all users who have an active support con- 
tract. Robelle charges the same price 
for all models of HP-UX processor. 

Contact Robelle, phone: (800) 
561-8311 or (604) 582-1700, e-mail: 
info@robelle.com. 


Online Backup for Informix 
Databases 

Legato Systems, Inc. has an- 
nounced its NetWorker Database 
Module for Informix, which pro- 
vides storage management services 
for INFORMIX-OnLine Dynamic 
Server’s enhanced backup and 
restore utility. This allows database 
administrators to back up Informix 
databases while they remain online 
and in use. Legato’s Database Module 
allows frequent, regularly scheduled 
“lights-out” database backups to ensure 
high system availability. 

The Database Module features fully 
unattended, “lights-out” operation and 
includes the ability to schedule partial 
or full backups on a regular or rotating 
schedule. NetWorker also offers support 
for a wide range of optical and tape 
devices, including autochangers, which 
minimizes operator intervention. 

Legato’s Database Module for 
Informix was scheduled to begin ship- 
ping in September 1996 and will 
be available on HP-UX and other UNIX 
systems. 

Contact Legato, phone: (415) 812-6000, 
fax: (415) 812-6032, faxworker: (415) 812- 
6156, URL: http://www.legato.com. 


Book on UNIX Clusters 

Prentice Hall PTR and Hewlett- 
Packard Professional Books have 
announced Clusters for High Availability 
by Peter S. Weygant, the complete guide 
to using clusters of UNIX computers to 
gain high levels of availability and HP’s 
cluster solutions at work. 

Clusters for High Availability explains the 
basic concepts, architectures, and termi- 
nology of high availability using clusters 
and gives a broad outline of how HP’s 
cluster solutions work. The book describes 
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how high-availability clusters can be con- 
figured to eliminate single points of fail- 
ure in power systems, disks, processors, 
network components, and software. 

The book features coverage of HP 
high-availability products and presents 
suggestions for developing high-avail- 
ability solutions in publishing, mail order 
catalogue sales, brokerage services, insur- 
ance, and other industries. 

Clusters for High Availability, by Peter 
Weygant (ISBN 0-13-494758-), is priced 
at $27. 

Contact Prentice Hall PTR, phone: 
(201) 236-7139, fax: (201) 236-7131. 


Free Java Library Use 

ObjectSpace, Inc. has announced 
that the Java Generic Library (JGL) is 
now available for free commercial use. 
The Java Generic Library is designed 
specifically for performance and use in 
a distributed environment and is com- 
pletely compatible with Sun Micro- 
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systems’ Java Developer’s Kit (JDK). 

ObjectSpace has augmented the Java 
Developer’s Kit by leveraging technology 
from ObjectSpace C++ toolkits and other 
vendors’ libraries to form the Java 
Generic Library. The JGL algorithms can 
be used independently of the JGL con- 
tainers and can be applied to native Java 
arrays of objects, native Java arrays of 
primitives, all Java Generic Library con- 
tainers, and java.util. vectors from the 
existing Java Developer’s Kit. This enables 
the JGL to remain small and efficient. 

The standard Java Generic Library 
release includes full source code, online 
HTML documentation, comprehensive 
examples, a 100-page tutorial, and a 
suite of performance benchmarks. 

The Java Generic Library is free and 
available from the ObjectSpace Web site 
(hitp://www.oljectspace. com) . 

Contact ObjectSpace, phone: (214) 
934-2496, fax: (214) 663-9100, e-mail: 
jgl@objectspace.com. 


Healthcare and Process 
Manufacturing 

Avnet Computer and Ross Systems have 
jointly announced the CONTINUUM/ 
TS integrated solution targeted at health- 
care and process manufacturing organi- 
zations. The joint program is an outcome 
of the Avnet Computer/Ross Systems 
Alliance, formed earlier this year. 

Designed to meet financial, techni- 
cal, and process manufacturing needs, 
the CONTINUUM/TS solution features 
high-performance, open systems hard- 
ware from either DEC, HP, or IBM; 
Renaissance CS client-server software 
from Ross Systems; and Avnet Com- 
puter’s technical and financial consult- 
ing services to both manage and execute 
technology platform migrations. 
Through CONTINUUM/TS, customers 
can acquire computer systems, work- 
stations, peripherals, or entire networks 
and exchange them for new technology 
when it becomes available. The cost is 
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a fixed monthly fee that is generally less 
than current operating expenses. 


Contact Avnet Computer, phone: 
(602) 414-3304, fax: (602) 414-5507. 


Technical Desktop Printing 

AutoGraph International (AGI) has 
announced a suite of imaging and print 
ing tools fof workstations. 

With EasyCopy/X 5.0 a user captures 
and prints screen images and raster files 
to raster, PCL, RTL, and PostScript print- 
ers. A new, optional module, Easy- 
Copy/Graphics, enables users to load, 
display, and print the most commonly used 
vector files. It prints to the raster and/or 
PostScript printers currently in use. 

The new EasyCopy/X also features a 
direct link to With EasyCopy/Scan, a 
new scanning solution. The module 
functions as a stand-alone program or it 
may be installed as an integrated part of 
either With EasyCopy/X or FleXprint. 
Another option, EasyConvert, allows for 
quick file conversion of raster formats. 
EasyCopy/NT supports output of screen 
captures and selected file formats to 
raster and PostScript printers by means 
of the Windows drivers. FleXprint 2.0, 
an image printing system for PostScript 
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level 2 printers, intelligently interprets 
the printer’s options and features while 
ensuring the automatic support for 
future PostScript printers. 

The AGI suite of printing and imag- 
ing tools is available on CD-ROM. The 
products will run in demo mode until 
a license is purchased. EasyCopy/X pric- 
ing begins at $395, while FleXprint starts 
at $695 for single-user licenses. The com- 
panion programs are individually priced. 
EasyCopy/Scan is priced at $695 for a 
single user; EasyCopy/NT licensing is 
$149 for a single user; EasyConvert and 
FleXimage pricing starts at $195. 

Contact AutoGraph International, 
phone: (408) 436-7227, fax: (408) 436- 
7255, URL: http://www.augrin.com. 


Enterprise Client-Server 
Development 

Andersen Consulting has announced 
Version 3.x of FOUNDATION for 
Cooperative Processing (FCP), which 
features new OpenRamp technology 
that easily integrates popular workgroup 
applications and development tools into 
the FCP enterprise architecture. FCP, 
which consists of a high-performance, 
open architecture and toolset, is a widely 
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used enterprise client-server application 
development environment. 

FCP OpenRamp enables developers 
on Windows NT to use OLE-based work- 
group development tools, such as Visual 
Basic or PowerBuilder, to build inter- 
faces and client-side logic for FCP-based 
enterprise systems to leverage existing 
client-side skills and to migrate existing 
applications built with these tools into 
the FCP enterprise architecture. 

A fully configured FCP 3.x develop- 
er toolkit software license, which 
includes OpenRamp, is priced at 
$10,800. Applications built with FCP can 
be easily generated to run on HP-UX 
and other server platforms. 

Contact Andersen Consulting, 
phone: (847) 7144000. 


Network Connectivity 

Specialix Inc. has announced the new 
JETSTREAM products for WAN/LAN, 
TCP/IP, and Remote Access Servers. The 
JETSTREAM line expands Specialix’s 
terminal server product range, adding 
cost-effective (and improved) network 
connectivity. 

The JETSTREAM 6000 is an 8-port 
terminal server that is upgradable to 16, 
24, and 32 ports, with the use of clip-on 
modules. JETSTREAM 6000 supports 


rlogin/telnet, multisessions, download- 
able terminal definitions, and printer 
or modem grouping. 

JETSTREAM 7000 and 7500 are 
expandable from 8 to 16 ports and pro- 
vide a single point of entry for remote 
access and WAN applications such as 
LAN bridging, home and remote office, 
and Internet and database access. The 
products support SLIP/PPP, 115.2-Kbps 
line speed, and hunt group capability, 
as well as SNMP (MIB IT), BOOTP, net 
rebooting, and downloadable terminal 
definitions. 

JETSTREAM 6000 is priced at $1,695. 
JETSTREAM 7000 is priced at $1,795. 
JETSTREAM 7500 is priced at $2,395. 

Contact Specialix, phone: (800) 
423-5364 or (408) 378-7919, e-mail: 
info@specialix.com. 


Expert Systems Tool 

Production Systems Technologies, 
Inc. has announced CLIPS/R2, the first 
implementation of CLIPS to use the pro- 
prietary Rete II rule engine. CLIPS/R2 
is said to be more than 50 times faster 
than the previous version on complex 
problems. 

CLIPS/R2 is upward-compatible with 
the most recent previous version of 
CLIPS, CLIPS 6.05. CLIPS/R2 supports 
forward-chaining rules, backward-chain- 
ing rules, objects, and conventional pro- 
cedures. The new backward-chaining 
rule engine in CLIPS/R2 supports cer- 
tainty factors, ANDs and ORs in rules, 
and HOW and WHY explanations. 
CLIPS/R2 rules bases can be embed- 
ded in C or C++ programs. The new 
CLIPS Interface Definition Compiler 
(CIDC) enables the CLIPS/R2 rules to 
operate transparently on existing C 
structs and C++ classes. 

CLIPS was developed by NASA 
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Johnson Space Center in 1985 and has 
become one of the most widely used 
expert systems tools in the world. 

CLIPS/R2 is available for Windows 
and UNIX systems. 

Contact Production Systems Tech- 
nologies, phone: (412) 683-4000, fax: 
(412) 683-6347. 


New from PLATINUM technology 


HP OpenView IT/Operations 
Integration 

PLATINUM technology has an- 
nounced that the PLATINUM Apriori 
problem resolution products are fully 
integrated with the Hewlett-Packard 
OpenView IT/Operations management 
framework. Apriori recently completed 
the HP IT/Operations certification pro- 
gram and has achieved the Premier level 
(highest technical level) of integration 
with IT/Operations. 

IT/Operations managers can now use 


the Internet and corporate intranets and 
the IT/Operations console to quickly 
solve problems via the Apriori Hands- 
Free Support tool. IT/Operations man- 
agers can also launch and manage 
Apriori, send and receive messages/alerts 
to and from Apriori, and pass informa- 
tion between Apriori and other systems 
management tools. 


Oracle Data Unloading 

PLATINUM technology has also 
announced PLATINUM Fast Unload for 
Oracle, a software utility that enables data- 
base administrators (DBAs) to extract 
data from an Oracle database table up 
to 23 times faster than Oracle Export. 

Fast Unload achieves its high speed 
by directly accessing Oracle database 
files, completely bypassing the SQL 
engine and Oracle kernel. No other 
data unloading product accesses Oracle 
database files in this manner. 

Fast Unload offers selective data 
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unloading, allowing users to extract spe- 
cific rows and columns from a table- 
space, further reducing the time it takes 
to unload select data; flexible output 
formatting options, allowing output 
records to be automatically formatted 
for compatibility with PLATINUM Fast 
Load for other database load utilities; 
and multiple output files, allowing for 
unloading of a table that is larger than 
2 GB (the maximum file system size on 
most UNIX systems today), increasing 
the reliability of an unload process. 


Database Administration 

PLATINUM technology has also 
announced Desktop DBA for UNIX, 
which replaces the need to memorize 
SQL syntax for hundreds of RDBMS com- 
mands with point-and-click commands. 


Routine and complex manage- 
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ment tasks for multiple database types 
that are supported include automating 
database comparisons, saving adminis- 
trators’ time when synchronizing data- 
bases; altering database objects— 
including tables, indexes, views, and pro- 
cedures—in real time simply by click- 
ing on dialogue box options; the ability 
to drag-and-drop objects and data— 
including all dependencies and associ- 
ated security—between database servers 
for efficient migrations; and streamlin- 
ing administrative functions, such as 
those for local and remote server con- 
figuration, user access permissions, and 
catalogue reporting. 

Prices start at $2,490. 

Contact PLATINUM, phone: (800) 
442-6861 or (708) 620-5000, e-mail: 
info@platinum.com. 
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New from Artecon 


8mm Tape Drive Subsystems 

Artecon has announced the Lynx 40- 
GB 8-mm tape drive. The follow-on 
product to the Lynx 14-GB 8-mm tape 
drive, this drive is fully read backward 
compatible. 

The transfer speed and cache have 
been redesigned for better performance 
and efficiency. The transfer speed of the 
40-GB tape drive at 6 MB/sec (com- 
pressed) is double that of the 14-GB 
drive. Cache has also increased from 
500 KB to 4 MB. 

The Lynx 8-mm tape subsystem 
includes modular stackability, external 
SCSI and AC jumpers for reducing cable 
tangles and SCSI bus length, internal 
PCBs to increase overall subsystem reli- 
ability by eliminating cable 
connections, and externally 
removable fans. 

Price for the Lynx 40-GB 
8-mm tape drive is $7,295. 


DLT Backup Subsystems 

Artecon has announced 
a full line of 19-inch EIA 
rackmountable DLT. The 
LynxRack DLT comple- 
ments the LynxRAID+ con- 
troller series and Lynx mass 
storage units. This subsystem 
offers many high availability 
features found in RAID con- 
troller subsystems. 

The LynxRack DLT supports two 
front removable, load-sharing power sup- 
plies that provide N+1 redundant power 
dedicated to each drive. Dual removable 
fan modules provide cooling to the 
power supplies and DLT tape drives. 
Dual AC outlets provide additional 
redundancy for the subsystem. 


Structural Research & 
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The DLT-4000 holds 20 GB 
native and up to 40 GB com- 
pressed, while the DLT-2000XT 
holds 15 GB native and up to 30 
GB compressed. The LynxRack 
DLT does not impede the fast 3.0 
MB/sec compressed transfer speed of 
either drive. 

Prices for the LynxRack DLT vary 
depending on the type and number of 
DLT drives and start at $6,995. 

Contact Artecon, phone: (619) 
931-5500. 


Secure Telnet Access 

WROQ has announced Reflection 
Secure 5.2, a new version of the com- 
pany’s software that implements the 
Kerberos V5 protocol for secure end- 
to-user authentication. The new ver- 
sion supports Windows 95 and 
Windows NT. When running on a PC 
with other Reflection host connectivi- 
ty products, the software provides 
secure Telnet access to UNIX, Digital, 
and HP host computers in a networked 
environment. As a client of Kerberos 
V5 or DCE security servers, Reflection 
Secure eliminates the need to send 
passwords over a network and protects 
against unauthorized use. 

The software features secure sin- 
gle sign-on, user password changes, 
and ease of use. Automatic creden- 
tials acquisition from the Reflection 
Telnet session minimizes the need 
for user training. Advanced options 
for credentials protection on 
Windows clients and support for mul- 
tiple credentials and multiple prin- 
cipals are provided. 

Reflection Secure 5.2 is priced at $99. 

Contact WRQ, phone: (800) 872- 
2829 or (206) 217-7100, fax: (206) 217- 
0293, e-mail: info@wrq.com. 
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Report Viewing Tool 

New Dimension Software has 
announced Version 2.10 of its 
CONTROL-D/PC for Windows 
report viewing tool. The tool 
enables users to download reports 
from New Dimension Software’s 
CONTROL-D mainframe report 
distribution software or CON- 
TROL-V mainframe report archiv- 
ing software. Using CONTROL-D/ 
PC installed on a Windows-based 
PC, these mainframe reports can 
be easily accessed for storage, 
viewing, modification, or printing. 
Reports can be archived to hard 
disk drives and removable media 
such as optical disks and CD-ROM. 
Other key features include a 
new GUI for the CONTROL-D/ 
Delivery report distribution solu- 
tion. Additionally, Version 2.10 now 
can import and view PostScript and 


Design Analysis 

Structural Research & Analysis 
Corporation has announced the 
addition of direct model transfer to 
Phase I of its COSMOS/ Works 
analysis interface to SolidWorks. 
Users will no longer need to save 
their SolidWorks models as IGES 
files for transfer to COSMOS/ 
Works. Benefits include faster analy- 
sis, with no delay during model 
transfer; greater accuracy, as no informa- 
tion will be lost during translation; easier, 
more successful meshing of models; and 
less internal bookkeeping due to duplica- 
tion of information. 

COSMOS/Works gives SolidWorks users 
the design analysis capabilities of COS- 
MOS/M and COSMOS/FFE (Fast Finite 
Element). A powerful flowchart guide walks 
users through the analysis process while 
answering “what if?” questions. COS- 
MOS/FFE solution technology solves com- 
plex problems up to 100 times faster than 
conventional analysis codes while reducing 
disk storage space up to 95 percent, enabling 
users to solve mainframe-sized problems on 
low-cost engineering workstations, PCs, and 
laptops, the company notes. 

Contact Structural Research & Analysis, 
phone: (310) 207-2800, ext. 770, e-mail: 
louise@srac.com. 


Adobe Acrobat files. 

CONTROL-D/PC can be purchased 
as a companion product for GON- 
TROL-D and CONTROL-V. Version 
2.10 is priced at $250 per seat. 

Contact New Dimension Software, 
phone: (800) 3474694, ext. 522 (North 
America), or 972-3-645-1111 (Israel), 
URL: http://www.ndsoft.com. 


Backup for Sybase, Oracle 

PDC has announced that its BudTool 
backup management tool has added 
support for Sybase 11 and Oracle 7.x. 
BudTool Support for Sybase works in 
conjunction with BudTool and uses the 
Sybase API and backup server to assure 


database integrity and performance. 
BudTool Support for Oracle provides 
full autodiscovery at the datafile level in 
a tablespace. The new database modules 
are supported on the Sun Solaris and 
HP-UX platforms. 

Bud Tool Support for Sybase permits 
hot backup of databases and transaction 
logs. Sybase database administrators can 
schedule automated backups and sim- 
plify retrievals using BudTool’s sophis- 
ticated media and automated tape 
library capabilities. Data can be restored 
from backup media with or without 
BudTool installed on the network. 

Oracle database backups and restores 
are scheduled and performed using the 
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same screens and interfaces used by 


BudTool for file system operations. The 
new database support module permits 
hot or cold backup of tablespaces, 
archive logs, and configuration files. 
Oracle 7.x backup tapes created with 
Bud Tool can be restored using standard 
UNIX and Oracle commands and 
procedures. 

Contact PDC, phone: (800) 654-4732 
or (610) 265-3300. 


New from HP 


HP-UX 10.20 

HP has announced its newest, most 
advanced enterprise-class HP-UX oper- 
ating system—HP-UX 10.20. This latest 
version extends HP-UX applicability 
across the entire HP 9000 product line 
of enterprise servers, workstations, and 
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Enterprise Parallel Servers (EPS). HP- 
UX Version 10.20 is designed to opti- 
mize the performance of HP’s 64-bit 
PA-8000 RISC processor. 

HP-UX 10.20 offers the following 
new technical advancements: full sup- 
port for 64-bit PA-8000 systems; large 
file size of up to 128 GB for support 
for Hierarchical and Journaled File 
Systems (HFS and JFS) and Logical 
Volume Manager (LVM); support for 
up to 2 billion user and group IDs; 
full X11R6 graphics libraries support 
(client and server); incorporation of 
a DMAPI (Data Management API) for 
hierarchical storage management in 
online JFS (OLJFS); enhancements 
to Process Resource Manager that 
allow allocation of RAM by user, 
group, or process; and symmetric mul- 
tiprocessing (SMP) support for net- 
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working and scalability. 

HP-UX 10.20 includes sey- 
eral features that support 64 
bit processor systems. One is 
large-file—up to 128 GB— 
support, including JFS, LVM, 
and high availability. This, in 
addition to the large-file sys- 
tem support introduced with HP-UX 
10.10, gives HP-UX 10.20 64-bit func- 
tionality in a 32-bit operating system. 
HP-UX 10.20’s maximum addressable 
RAM size is 3.75 GB. 

HP-UX 10.20 also includes advanced 
compiler functionality, fast procedure 
calls, virtual memory mapping, and 
large-page capabilities. Each of these 
features allows HP-UX 10.20 to facili- 
tate high-end OLTP, decision support, 
and technical applications—all while 
multiple applications are using the 
system environment. 

HP-UX 10.20 is scalable across the 
entire HP 9000 product line. As with pre- 
ceding versions of HP-UX, HP-UX 10.20 
is tuned to run on SMP systems. With SMP, 
the operating environment provides excel- 
lent scaling of application performance 
across multiple processors using a single 
version of the operating system. For enter- 
prise parallel computing, HP-UX 10.20 
allows running of parallel applications soft- 
ware for potential gains in performance. 

As with previous releases of HP-UX, 
HP-UX 10.20 provides forward binary 
compatibility when upgrading to new 
HP-UX versions and new servers and 
workstations. Any existing 9.X or 10.X 
application can be run unmodified in 
the 10.20 environment. HP-UX 10.20 is 
an X/Open UNIX 95-branded product, 
signifying that it conforms to X/Open’s 
Single UNIX Specification. 

A two-user license for the HP-UX 
10.20 environment is bundled with HP 


9000 workstations and servers, with addi- 
tional license levels available. 


SNA Connectivity 

HP has introduced new Systems 
Network Architecture (SNA) intercon- 
nectivity solutions. These networking 
products enable users to more rapidly 
and cost-effectively link HP 9000 com- 
mercial computing environments with 
large production systems from IBM. 

The latest release of HP’s HP-UX 
SNAplus2 features five comprehensive 
solutions that enhance system scalabili- 
ty and application availability in data- 
warehousing and mainframe-migration 
environments. SNAplus2 Link provides 
enhanced communication capabilities 
between an HP 9000 server or work- 
station and an IBM mainframe or peer 
system, such as an AS/400. HP-UX 
SNAplus2 3270/3179G provides inter- 
active communications between an HP 
9000 server and IBM-compatible main- 
frame or peer system using SNA 3270, 
3278, and 3179G/3192G emulation. HP- 
UX SNAplus2 APPN End Node allows 
an HP 9000 system to take full advan- 
tage of Advanced Peer-to-Peer Net- 
working (APPN) facilities while still 
retaining the capability to operate in tra- 
ditional mainframe host-managed net- 
works. HP-UX SNAplus2 API allows a 
wide variety of VPIs to enable applica- 
tion communications. HP-UX SNAplus2 
Remote Job Entry provides batch data 
transfer between an HP 9000 system and 
an IBM mainframe host in an SNA 
environment. 

The HP-UX SNAplus2 portfolio starts 
at $3,550 for Tier | systems. Stand-alone 
SNAplus2 starting prices are as follows: 
HP-UX SNAplus?2 Link, $500; HP-UX 
SNAplus2 APPN EN, $600; HP-UX 
SNAplus2 3270/3179G, $850; HP-UX 


SNAplus2 API, $300; and HP-UX 
SNAplus2 RJE, $1,300. 


Intranet Security Software 

HP recently unveiled the Praesidium/ 
Security Service for user authentication, 
and the comprehensive Virtual Vault 
security solution. With the Praesidium/ 
Security Service, non-DCE users can have 
DCE-like authentication without a 
DCE/9000 cell. HP VirtualVault is the 
first comprehensive security solution that 
enables electronic transactions end-to- 
end without compromising the integrity 
of internal computing environments. HP 
VirtualVault software, part of HP’s 
Praesidium enterprise security framework, 
grants internal and external clients Web 
access to critical applications while safe- 
guarding proprietary information assets. 

Praesidium/Security Service safe- 
guards passwords with Kerberos-based 
security mechanisms that authenticate 
users and application servers through an 
exchange of encrypted “tickets.” A ticket 
is a complex encrypted identification that 
substitutes for a password. Short-lived 
tickets—not valuable passwords—are 
transmitted throughout the network. 

Security Service supports HP-UX 
Internet services, which form the basis of 
Internet/intranet functions such as ftp, 
remote shell (remsh), remote copy 
(rcp), remote login (rlogin), and tel- 
net. Applications based on Kerberos, 
such as those found in banking and 
telecommunications industries, also can 
use Security Service for authentication. 

Security Service provides scalable 
and highly available authentication 
and security-enhanced communi- 
cation. It can be monitored through 
the graphical OpenView tool HP DE/ 
Service Monitor. 

HP’s VirtualVault addresses the weak 


link in security by providing a security 
gateway to the enterprise and granting 
selective access to sensitive information. 
At the foundation of VirtualVault is a 
trusted operating system that exceeds 
strict U.S. government B1 and European 
E3 standards and has been used in military 
agencies’ computer networks. VirtualVault 
provides data partitioning and least 
privilege (no root) to ensure a more 
secure environment for Web applications. 

All electronic transactions bound for 
sensitive internal applications must travel 
through VirtualVault’s trusted gateway, 
which acts as a safeguard against users and 
applications gaining unauthorized access 
to information or systems and provides 
support for VirtualVault administration. 
Administration of the Web server and the 
operating system is simplified through a 
browser-based interface. VirtualVault also 
incorporates a Netscape Web server to 
handle external Web requests. 

Firewalls provide necessary protection 
between organizations and the Internet, 
filtering common network services such as 
email, telnet, and ftp services. They do not 
provide protection for the Web transaction 
itself. Firewalls complement VirtualVault 
and are used side-by-side in an architecture 
that connects to the Internet. 

Praesidium/Security Service is priced 
from $3,100 to $15,500 per server. 
VirtualVault is available worldwide 
immediately. A single copy costs $75,000; 
two to five VirtualVault licenses cost 
$65,000 each; and six or more copies 
cost $45,000 each. 


PE/WorkManager for Workgroups 3.0 
HP has announced HP PE/ 
WorkManager for Workgroups 3.0, a 
new release of its team-oriented data- 
management solution for engineering 
workgroups. The new release adds 
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new products 


features for managing change orders 
and bills of materials and for classifying 
objects used in engineering designs. 

The workgroup solution is based on 
the company’s product-data and workflow 
management system, HP WorkManager, 
and integrates with the HP PE/ME10 2-D 
design and drafting application and with 
the HP PE/SolidDesigner solids-model- 
ing software. 

The new change-management fea- 
ture helps save time and money by sim- 
plifying the setup of change orders and 
requests and managing the flow of 
information. The classification inter- 
face, introduced with this version, 
reduces design time by letting engi- 
neers classify, find, and retrieve objects 
from the database and load them 
directly into HP PE/ME10 or HP 
PE/SolidDesigner. The enhanced bills- 
of-materials management feature— 
available as an add-on module 
—enables multilevel scanning of the 
parts structure and allows updating of 
existing product structures directly 
from HP PE/ME10 and HP PE/Solid- 
Designer solutions. 

HP PE/Workmanager for Workgroups 
supports various relational databases, such 
as Oracle, HP ALLBASE, Sybase, and 
Informix. It can be extended with HP 
WorkManager modules for additional 
functionality. An integration toolkit and 
certification program is available to part- 
ners interested in integrating their appli- 
cations into the HP PE/WorkManager 
for Workgroups interface. 

HP PE/WorkManager for Work- 
groups 3.0 is available now for HP and 
Silicon Graphics UNIX workstations, as 
well as for PCs running Windows. Prices 
start from $1,950 per seat for HP 
PE/WorkManager for Workgroups, 
including integration to HP PE/ME10 
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or HP PE/SolidDesigner, and prices 
start from $1,390 per seat for the 
integration toolkit. 


Netscape SuiteSpot 

HP has announced that it has signed 
an agreement with Netscape to include 
Netscape SuiteSpot server software on the 
HP 9000 enterprise Web server product 
lines. HP also announced it is shipping the 
following—Netscape Enterprise Server, 
Netscape Proxy Server, and Netscape 
FastTrack Server software—on its HP 9000 
enterprise Web server product line. 

Netscape SuiteSpot is an integrated 
suite of Web servers for building corporate 
intranets. It includes Netscape’s LiveWire 
Pro visual development tool, plus any 
combination of the five Netscape 
SuiteSpot servers: Netscape Enterprise 
Server, Netscape Proxy Server, Netscape 
News Server, Netscape Mail Server, or 
Netscape Catalog Server. 

Netscape uses the HP 9000 Model 
K400 four-way Enterprise Web Server to 
service its own home page, http:// 
www.netscape.com. In a five-day test per- 
formed by HP and Netscape in July, the 
HP 9000 Enterprise Web Server handled 
more than 15 million hits a day, making 
it the highest-performing single system 
of any of the systems currently running 
on Netscape’s Web site. 

HP also offers consulting expertise 
for Netscape products within the 
Internet Services Practice of HP’s 
Professional Services Organization. 

Netscape FastTrack Server is avail- 
able on HP 9000 Enterprise Web Servers 
for $295. Netscape Enterprise Server 
and Netscape Proxy Server are available 
now on HP 9000 Enterprise Web Servers 
for $995 each. Existing customers may 
upgrade immediately. HP plans to ship 
the balance of Netscape SuiteSpot— 


Netscape News Server, Netscape Mail 
Server, and Netscape Catalog Server— 
beginning in the fourth quarter of 1996. 


Software Update Tools 

HP has announced Software Update 
Manager, an Internet-based online tool that 
makes it easier for users to support and 
update their software applications. Software 
Update Manager is a free-of-charge service 
available to users with support contracts for 
the HP 9000 Series 700 and 800. 

Previously, users automatically received 
regular updates via postal mail and then 
decided whether or not to use the updates. 
With the Software Update Manager, they 
are automatically notified of available 
updates but receive only the updates that 
they order online. Software Update 
Manager also may be used to check the 
shipping status of requested updates, view 
comprehensive update histories on indi- 
vidual systems, and review data on avail- 
able application and software updates. 

HP 9000 Series 700 and 800 comput- 
er users may use the program as part of 
their current HP software support agree- 
ment at no extra charge. All users need is 
Internet access with Web Browser capa- 
bilities and CD-ROM as their media. Users 
may access the program at hitp://ussup- 
port.external. hp.com or via HP’s home page. 
The complete capabilities of Software 
Update Manager are available now in the 
U.S. and Canada. HP plans to make the 
program available in Europe by fall of 
1996 and in Asia in 1997. 


Attention vendors: New product announce- 
ments should be sent to New Products Editor, 
hp-ux/usr magazine, Interex, PO. Box 3439, 
Sunnyvale, California 94088-3439, USA, or 
e-mail: pollace@interex. org. 

Deadline for submission is two months 
prior to publication. 
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hp-ux/resource directory 


The hp-ux/resource directory is a complete resource guide for HP-UX users seeking answers. This is one of the 
industry's most extensive reference guides for HP-UX products, services, and vendors. It will be devoted entirely to 
HP 9000 users operating in multi-user, workstation, and multi-system UNIX environments. This bi-annual directory, 
published each year in March and September, is a separate publication mailed out with hp-ux/usr magazine, the only 
HP-specific publication on the market. 

Added BONUS: your message will reach your customers for one full year on the Internet. Look for the directory on the 
Interex home page http://www.interex.org. The investment for a full year listing in the hp-ux/resource directory is $475. 


Propuct CATEGORIES 


Accounting 

Accounting Software 
Alphanumeric Paging Software 
Application Development Software 
Application Development Tools 
Application Development Tools/4GL 
Application Engineering 
Backup/Restore 

Backup Software 

Bar Code Data Collection Systems 
Batch Job Management 

Books 


Business-Critical Application Development & 


Deployment 
Business Software 
CD-R 
CAD Software /Hardware 
Change Management for Software 

Development 
Change Management Tools 
CheckPoint Restart Facility 
Client-Server 
Client-Server Software 
Communications 
Communications Servers 
Communications Software 
Consulting 
Consulting/Systems Integration 
Customer Support 
Customer Support/Help Desk Systems 
Database Management Systems 
Database Management Tools 
Data Center Management 
Data Migration Tool 
Data Warehousing 
Decision Support Systems 
Diagramming & Flowcharting 
Disaster Recovery 
Distributed Computing 
Distribution Software 
Distributor 
Document Management 
Electronic Data Interchange (EDI) 
Electronic Form Printing 
E-Mail & Directory Integration 
End-User Access Tools 
End-User Computing 
Equipment 
Executive Information Systems 
Facility Maintenance Software 
Fax Automation 
Fax Software 
File Manager Utility 
Financial 


Forestry 

Fourth Generation Language 
GIS (Geographic Information System) 
Government & Utility Software 
Graphics 

Groupware 

Hardware 

Hardware/Mass Storage 
Hardware Subsystems 

Help Desk Management 
Human Resources & Personnel Systems 
Image Processing 

Image Storage & Retrieval Management 
Industrial Terminals 

Input Devices 

Instrument Control 
Integration Tools 

Internet 

Internet Commerce 
Internet/Intranet 

Internet Services 

Internet Solutions 

Inventory Control 

I/O Boards 

Job Scheduling & Workload Management 
Justice Software 

Laser Printing Software 
Maintenance 

Manufacturing Software 

Mass Storage 

Mass Storage Peripherals 

Math Library 

Memory 

Memory Upgrades 
Middleware 

Migration Services 

Migration Services/Tools 
Migration Tools 

Modular Mass Storage 
Multimedia 

Network Backup Software 
Networking 

Networking Systems 

Network Management 

Output Management 

Payroll 

PC Card Reader 

PC Compatibility 

PC Integration 

Performance 

Performance Software 
Personal Information Manager 
Personnel Management 
Pointing Devices 


Power Protection & Conditioning 
Print Management 

Print Management Software 
Process Control Software 
Production Planning 

Project Management 
Programmer’s Editor 

Protocol Converters /Interfaces-Hardware 
Publications 

Public Safety Software 

Quality Assurance Tools 
Records Management 

Rentals 

Report Viewing, Printing, & Distribution 
Report Writers 

Sales & Marketing 

Scheduling 

Scheduling/Task Management 
Security 

Service Repairs 

Software 

Software Backup 

Software Development Tools 
Software Distribution Tools 
Software Maintenance & Testing 
Spoolers 

Spreadsheets 

Statistics/Data Analysis 

System Integration 

System Management 

System Management Tools 
System Printers 

3-D Graphics Tool Kit 

3-D Porting Tool 

Tape Backup Products 

Tape Storage/Data Interchange 


Technical Documentation / Cross-Referencing 


Terminals 

Terminal Emulation 

Text & Information Retrieval 

Text Editors 

Time & Billing 

Time Reporting Terminals 
Training 

User Groups 
Video/Keyboard/Mouse Extension 
Warehouse & Distribution Management 
Workstations 


Other categories may be created as needed. 
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The New Vikon. 
Full strength UNIX on-the-go! 


| fee-sece = =©) 13° 1280 x 1024 VUEpanel™ 

Semen =) 100 MHz HP PA-RISC 
Gand O 192 Mb RAM, 10 Gb disk 
Partner UO) Three internal bays 

QO) DC power & rackmount option 


Have you been yearning for an easy to tote 
system with full UNIX capabilities? The new 
Vikon™ is your answer. It's a Hewlett-Packard 
PA-RISC powered SuperTransportable® with a 
real workstation display. 


It's for savvy, on-the-go professionals who 
need a TransportableWorkstation™ for on-the-site 
solutions, or those who simply need full strength™ 
UNIX and portability. The Vikon is small enough 
and light enough to go wherever you need to be. 
And, when you get there, you'll have a real UNIX 
workstation at your command. 


The VUEpanel display will reward you with 
crisp, brilliant images. PA-RISC delivers power and 
performance, while HP-UX provides the application 
solution base you're looking for. And, it's portable! 


So, when you're on-the-go and need a full 
strength UNIX platform by your side, the Vikon is 
your answer. It's from SEJUS.® A Hewlett-Packard 
authorized VAR, serving the HP community since 
1986. Call us now for more information. 


SEJUS... providing better solutions.® 


> SEJUS 


SEJUS CORPORATION 

2618 PALISADES CREST DRIVE 

LAKE OSWEGO, OR 97034-7550 USA 
PHONE 503.638.9000 FAX 503.638.9009 
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® registered, ™ trademark of SEJUS Corporation. All other trademarks are the property of their respective owners. 
Printed in the USA. © 1995 SEJUS CORPORATION. All rights reserved. 4703R1295. 
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THE MAMMOTH 8MM CARTRIDGE TAPE SUBSYSTEM FROM 
EXABYTE USES HIGH—PERFORMANCE IDRC DATA COMPRESSION to 
give you double capacity and throughput. That high capacity along with ultra-fast transfer 
rate and search speed offers the performance you require to meet growing data storage needs. 


BIG ADVANTAGES— 


°° HIGH PERFORMANCE —for digital video and multimedia applications 
9° HIGH CAPACI T Y—40GB [compressed] at 6MB/sec. transfer rate 
S9 COMPATIBILITY with earlier 8mm releases. 


The Mammoth 8MM tape subsystem is available today from Consan. Consan 
distributes a full line of tape, disk and optical storage products from the world’s 
leading manufacturers. For more information on the Mammoth subsystem or other storage 


products, call Consan today at || | 8 0) 0) m 2 2 ®» o ID I S Ik 
[3475]. 


S 7676 EXECUTIVE DRIVE 1320 TOWER ROAD 101 EAST PARK BLVD. , 
EX AlBY ® e Q iN EDEN PRAIRIE, MN 55344. SCHAUMBURG, IL 60173 PLANO, TX 75074 CONSAN 
S TEL: 612-949-0053 TEL: 847-519-1060 TEL: 214-422-3392 


° FAX: 612-949-0453 FAX: 847-519-1248 FAX: 214-422-3397 
We're Backing It Up. 
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